Home
Services
Qualifications
Team
Articles
Links
Testimonials
Email Update Signup
Contact
 


Information Asset Risk Assessments

The security of your information system must be assessed to protect your bank and your customers while meeting regulatory requirements. KraftCPAs' IS risk assessment procedures are designed to accommodate the objectives of the bank and its regulatory agencies. 

Our approach:


  • is enterprise-wide in scope (covering management, technical and operational controls)
  • is based on documented risk assessments
  • includes analysis of controls, policies, procedures and security measures
  • is designed to meet the requirements of the Gramm-Leach-Bliley Act (GLBA) and provisions of the FFIEC Information System Handbook

Procedures include, but are not limited to, the areas listed below:


  • IS processes related to internal audit
  • Management/Organization
  • Contingency Planning
  • IS Policy Review
  • Critique of Control Design
  • Critique of Policy and Control Practice
  • Testing of Core System Interfaces
  • Systems Development and Programming
  • Computer Operations
  • Security – Physical and Data
  • Network Controls
  • End-User Computing (Personal Computers)
  • Document Imaging
  • EFT's (ATM, debit cards, home banking, ACH, Wire Transfer)
  • Internet Banking
  • Privacy Issues of Customer Data (to the extent necessary to satisfy requirements of the Gramm-Leach-Bliley Act)
 
2009 Copyright KraftCPAs
KraftCPAs PLLC - Nashville, TN accounting and technology firm with banking expertise.