GLBA Operational Risk Assessment

Financial institutions are charged with the responsibility of ensuring the security of non-public information. Moreover, the confidentiality, integrity and availability of information are of paramount concern. Regulatory agencies require that risk assessments be bank-wide in scope, and not focused on departmental units. To meet these requirements, AaSys offers our GLBA Operational Risk Assessments.

AaSys follows the International Standard for Organization’s (ISO) framework, otherwise known as IT Best Practices, for our risk assessments. AaSys’ IT Consultants utilize a database containing over several hundred of identified risks as they review your organization’s policies, procedures and operational environment.

Written documentation and executive reports are prepared for Board of Director approval. Both recommendations and a timeline for implementation, along with a detailed report which identifies each risk and provides recommendations to mitigate risks are provided.

Red Flags Identity Theft & Implementation Program

The FACT Act (Fair and Accurate Credit Transactions Act of 2003) establishes a deadline of November 1, 2008 for creditors to implement a written Identity Theft Prevention Program. This program must detect, prevent and mitigate identity theft revolving around the opening and accessing of new or existing accounts. Developing planned responses to these Red Flags and documenting these practices is another component of the Identity Theft Prevention program

AaSys will review your Identity Theft Program and provide enhancement recommendations. Processing environments differ in terms of core solutions and ancillary applications that have been implemented. This engagement will evaluate how your financial institution uses monitoring and alerting tools built into current technologies. If your financial institution uses a manual process, this engagement will review the processes in place to evaluate, document and mitigate risks.

AaSys will then:

  • Deploy a web-based tool in completing a risk assessment.
  • Identify the vulnerabilities found and provide recommendations to mitigate risks.
  • Configure and setup the web-based employee training tool for your staff
  
   
 
 
 
Home       Contact Us       Privacy Statement      © 2008 AaSys Group