In light of a number of highly publicized security breaches involving service providers, on April 18, 2011, the Office of the Comptroller of the Currency (OCC) issued an alert highlighting the need for national banks and their technology service providers (TSPs) to take steps to ensure that their enterprise risk management is sufficiently robust to protect and secure bank and customer information. The alert highlights that national banks and their TSPs should perform periodic risk assessments of their information security programs with respect to the prevention and detection of security incidents. Moreover, the OCC indicated that it expects national banks and their TSPs to review specific advisories issued following a recent security incident to ensure that their information security programs appropriately address recommendations made in those advisories, based on their environment and risk profiles.