FSA just-released a notice on Safeguards Rule compliance

[Brian Kelly <bkelly () EDUCAUSE EDU>]

FSA just-released a notice on Safeguards Rule compliance:

https://ifap.ed.gov/electronic-announcements/022820EnforcCyberReqGrammLeachBlileyAct<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fifap.ed.gov%2Felectronic-announcements%2F022820EnforcCyberReqGrammLeachBlileyAct&data=02%7C01%7C%7C0f9690bf7fc7449a086c08d7bd6c2fe6%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C637186144664752672&sdata=Xa6nHHXa894NhnGS9DhlkCHVMZ%2Fg%2BcojLnJG5kqAoa8%3D&reserved=0>

Summary from Jarret Cummings our Senior Advisor, Policy and Government Relations-
“Essentially, this operationalizes the Safeguards Rule audit objective. If an institution gets an audit finding based 
on the Safeguards Rule federal single audit objective, the finding will be included in the audit report that FSA 
receives. FSA in turn will share the finding with the FTC as well as its internal Cybersecurity Team. If the CT thinks 
the situation is particularly egregious, it may cut off access to FSA systems and refer the issue to FSA's admin 
compliance unit for a fine or some other form of admin action.”


Brian Kelly, CISSP, CISM, CEH
Director, Cybersecurity Program

EDUCAUSE
Uncommon Thinking for the Common Good
Follow HEISC on 
LinkedIn<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fshowcase%2Fhigher-education-information-security-council-heisc-%2F&data=02%7C01%7C%7C7197d41189e4414981ae08d69dc9670a%7Cdd4b037fe626495db0170cc0f7dddb37%7C0%7C0%7C636869885680898966&sdata=%2FYvU%2BLTYHbPmcyL1AoksiKTSdMeFQ93qASFmTp8Emmo%3D&reserved=0>
 | Twitter: @HEISCouncil | bkelly () educause edu<mailto:bkelly () educause edu>

direct: 720.406.6757 | mobile 475.449.6440 | educause.edu<http://www.educause.edu/>
1150 18th Street, NW, Suite 900 Washington, DC 20036




**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community