Canonical FrameworkCompliance & Audit

GLBA (Gramm-Leach-Bliley)

GLBA control-mapping starter for financial institutions protecting nonpublic personal information. It references privacy, information-security, risk, incident, and provider-oversight duties and supplies configurable gateway controls or evidence fields where applicable.

This template is a configurable starting point and control mapping. It is not certification, legal advice, or a guarantee of compliance; validate it against your obligations and environment before use.

Regions

US

References

4 references

Mapped Control Domains

7 mapped domains

Deployment

Regulated SaaS, Financial (Cache Disabled)

Referenced Frameworks, Standards & Obligations

Gramm-Leach-Bliley ActFTC Privacy Rule (16 CFR Part 313)FTC Safeguards Rule (16 CFR Part 314)FTC Safeguards Rule 2023 Amendment

Mapped Control Domains

Data Privacy
Access Control
Safeguards
Third Party Oversight
Risk Management
Incident Response
Data Encryption

Deployment profiles

Regulated SaaS
Financial (Cache Disabled)

Get started in 3 steps

1

Open the template

Open the catalog entry in the Keeptrusts console and review its included controls, references, and deployment metadata.

2

Adapt the configuration

Use the template as a starting point, then adjust relevant policies, thresholds, routing, and review settings for your requirements.

3

Validate before rollout

Test every outcome you configure—such as allow, redact, block, or operator review—before deploying through a supported gateway workflow.