Red Flags

Jointly proposed by the FTC and member agencies of the FFIEC, the ID Theft Red Flags Rule requires the establishment of an ID Theft Prevention Program to "DETECT, PREVENT and MITIGATE identity theft in connection with the opening of certain new and certain existing accounts". As of November 1, 2008, "any person or business who arranges for the extension, renewal, or continuation of credit" must have an ID Theft Prevention Program in place that is appropriate for their organization.

With Dell SecureWorks' Red Flags Program Development service, our compliance experts will work with you to create and establish a comprehensive ID Theft Prevention Program based on industry best practices and examiner expectations. As part of this service, our consultants will develop a tailored ID Theft Prevention Program for your organization that incorporates:

• High-level Program Description
• Appropriate Board Oversight
• Risk Analysis for identifying each Red Flag
• Policies for ID Theft Prevention Program
• Standards for flagging ID theft based on regulator guidance
• Operational Procedures for verifying identities, detecting red flags, assessing red flags and mitigating identity theft
• Proper Vendor Oversight
  
• Staff Training on policies and procedures

Program Description
Our experts will develop an executive-style overview that outlines your entire ID Theft Prevent Program for approval by the Board of Directors. This document will also include a high-level description of the Risk Analysis methodology.

Committee Charter
Dell SecureWorks' will create a charter to instantiate a committee with sufficient oversight over the ID Theft Prevention Program, including Risk Analysis, board reporting and authority to change the program.

Risk Analysis
Dell SecureWorks' experts will work with you to define an effective Risk Analysis methodology to identify covered accounts within your organization and which red flags are necessary to sufficiently manage risk to your customers and business.

Policies, Standards and Procedures
Using best practices, Dell SecureWorks will develop tailored policies, standards and operational procedures that align with regulatory guidance for:
• Verifying the identity of parties opening accounts
• Detecting relevant Red Flags associated with the opening or modifying existing accounts
• Assessing whether detected Red Flags indicate risk of identity theft
• Mitigating the risk of identity theft via measures proportionate to the level of risk present

Vendor Oversight
Dell SecureWorks will help you ensure that sufficient steps are taken to properly oversee service provider arrangements within the scope of your Identity Theft Prevention Program. This includes reviewing vendor management policies and standards and recommending appropriate controls.

Staff Training
Our experts will help you develop and conduct staff training on your policies and procedures for preventing, detecting and mitigating identity theft risks as part of your comprehensive Identity Theft Prevention Program.