Be prepared for your next regulatory exam
Regulated financial institutions across the country trust Accume
Partners' team of veteran IT auditors to prepare them for annual
federal and state IT compliance examinations. Our certified
auditors have personal experience overseeing Information Security
Programs and IT systems and networks at community banks; we
understand the financial services environment from the inside.
Accume Partners has a proven risk-based auditing methodology.
Guided by GLBA requirements, the FFIEC IT Examination Handbook,
NIST's cybersecurity framework and experience over hundreds of
engagements, we conduct testing based upon a risk assessment to
ensure focus on the high risk areas.
This methodology takes into consideration the specific
environment and risk culture at each client. We address the
business goals of data confidentiality, integrity and availability.
In addition to satisfying regulatory compliance goals,
our reviews and deliverables provide a clear view into whether IS
controls and technical systems are operating effectively to
safeguard information assets.
IT Audit for FFIEC / GLBA
Determine your Financial Institution's level of compliance with
the specified controls required by FFIEC and GLBA. This Assessment
provides an information systems security controls compliance review
in accordance with the FFIEC Information Systems Handbook and the
Interagency Guidelines for the Safeguarding of Customer
Information, pursuant to sections 501 and 505(b) of the GLBA.
IT Controls Review
Determine how effectively information systems controls are
operating to safeguard data confidentiality, integrity and
availability. The IT general controls audit includes a review
of all key components of the IS Program: Vendor Management;
Business Continuity, Disaster Recovery & Incident Response;
Core Operations; E-Banking; Retail Payment Systems; Risk
Typical IT Systems Testing
- External network vulnerability / penetration testing
- Internal network vulnerability testing
- Internal network patch audit
- Social Engineering
Advanced IT Audit Testing
- Reconnaissance & public information review
- Wireless network security testing
- Virtualized environment testing
- Web application vulnerability assessments (Unauthenticated