S.D. Admin. R. 20:06:45:23

Current through Register Vol. 50, page 151, June 10, 2024
Section 20:06:45:23 - Assess risk

The licensee:

(A) Identifies reasonably foreseeable internal or external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of customer information or customer information systems;
(B) Assesses the likelihood and potential damage of these threats, taking into consideration the sensitivity of customer information; and
(C) Assesses the sufficiency of policies, procedures, customer information systems and other safeguards in place to control risks.

S.D. Admin. R. 20:06:45:23

29 SDR 48, adopted September 20, 2002, effective 3/1/2003; 31 SDR 67, effective 11/14/2004.

General Authority: SDCL 58-2-40, 58-2-41.

Law Implemented: SDCL 58-2-40, 58-2-41.