Create a custom
Information Security Program

Manage your security
and compliance programs

Anywhere access to your
Business Continuity Plan

Intuitive Vendor Management

Why tandem?

It's all in the name. CoNetrix tandem software is an online solution that helps ease the burden of regulatory compliance. We have done the research up front so you can be compliant with information security regulations in much less time. Don't labor over extensive language and making sure updates are made to all the right documents. Let us work in tandem with you so you can accomplish your compliance goals.

Who is tandem for?

tandem software was built specifically for financial institutions (banks, savings associations, credit unions, and trust companies) to help increase security, stay in compliance, and lower overhead costs. We understand bank employees, especially for community banks, are asked to wear numerous hats, and with the continued increase in compliance burden, it is hard to keep your balance. In the past, we have primarily assisted banks with their security and compliance needs through expensive consulting, but now with CoNetrix tandem software, you can save time and money without sacrificing information security, cybersecurity, or compliance.

Request a Quote

Audit Management Software

CoNetrix tandem Audit Management software is designed to help financial institutions (e.g., banks, savings associations, credit unions, mortgage companies, trust companies, etc.) manage, track, respond to, report, and conduct any type of audit or exam.

tandem Audit Management

The tandem Audit Management software features multiple versions.

  • Audit Standard allows full access to the finding and response manager for entering and tracking the status of responses for any type of audit or exam, including recommendations, responsibilities, and due dates.
    * A complimentary version of this product, Audit Lite, is provided with every CoNetrix audit (limited to tracking CoNetrix security engagements).
  • Audit Pro builds upon the finding and response manager of Audit Standard and allows full access to the audit manager tool which gives the ability to create and conduct audits, including work programs and work papers.

Learn More

Business Continuity Planning Software

Business continuity and disaster recovery are critical for any company, but especially for financial institutions (banks, savings associations, credit unions, and trust companies). A good business continuity plan (BCP) should help a company or institution avoid losses as well as return to normal operations as soon as possible if an adverse event or disaster were to occur.

tandem Business Continuity Planning

CoNetrix offers online business continuity planning software to facilitate the development and maintenance of a Business Continuity Plan/Disaster Recovery Plan, following FFIEC, FDIC, OCC, Federal Reserve, and NCUA guidance. Use the software to prepare for adverse events such as natural disasters, biological pandemics, technological failures, human error, terrorism, and cyber-attacks.

The tandem Business Continuity Planning software includes the ability to:

  • Work through an easy to follow process
  • Conduct a business impact analysis (BIA) process with uniform questionnaires
  • Define and develop business process restoration procedures
  • Customize emergency checklists and preparedness controls
  • Send employee alert messages through phone, email, and text messages (SMS)
  • Use more than 10 template emergency checklists to get you started
  • Specify emergency meeting locations
  • Document a recovery plan and additional recovery details for equipment
  • Upload supplemental documentation to a secure site for remote backup
  • Easily document business continuity tests

Learn More

Compliance Management Software

Financial Institutions (banks, savings associations, credit unions, and trust companies) have extensive regulatory requirements and compliance tasks. The CoNetrix tandem Compliance Management software helps you identify, schedule and track important dates impacting financial institution requirements including reporting, audits, training, operations, and compliance.

tandem Compliance Management Free

CoNetrix offers a free online software solution to help financial institutions keep track of regulatory and compliance events. The tandem Compliance Management software includes the ability to:

  • Review upcoming events, past due events, proposed events, year at a glance, and more through a dashboard overview
  • Visually manage events via a calendar view
  • See, schedule, and track repeating requirements using an event scheduler
  • Sort and filter events based upon event categories
  • Receive email notifications and reminders for tasks and events
  • Use a list of recommended recurring events

Request Access

tandem Compliance Management Pro

In addition to the basic features in the free tandem Compliance Management software, the pro version offers:

  • Downloadable documents in editable Microsoft format
  • Customizable categories in addition to the CoNetrix suggested event categories
  • File attachment capabilities for storing event results and reports
  • Task functionality for assigning multiple recurring tasks (email reminder capable)
  • Ability to export events to Outlook/iCal
  • Optional read-only access role
  • Bulk import to add events

Request a Quote

Learn More

Cybersecurity

On June 30, 2015, the FFIEC released a Cybersecurity Assessment Tool to help financial institutions identify their risks and assess their cybersecurity preparedness. The assessment tool is designed to provide a repeatable and measurable process for banks and credit unions to measure their cybersecurity preparedness over time.

tandem Cybersecurity Free
The FFIEC Cybersecurity Assessment Tool automated

CoNetrix is pleased to offer a FREE online tool to assist financial institutions in completing the FFIEC Cybersecurity Assessment. This easy to use SaaS tool was designed to walk financial institutions to:

  • Answer questions provided in the FFIEC Cybersecurity Assessment Tool.
  • Analyze the institution's Inherent Risk and Cybersecurity Maturity.
  • Facilitate gap responses.
  • Run various reports to model data in an easy-to-read format.
  • Optionally allow Peer Analysis to anonymously compare results with other financial institutions.

You can request access for this solution by clicking on the link below. Once you request access, please allow 48-72 hours for your account to be setup.

Request Access

tandem Cybersecurity Pro

In addition to the features in the free tandem Cybersecurity Assessment Tool, the pro version also allows users to:

  • Filter peer results by regulatory body and asset size.
  • Download reports to compare peer responses.
  • Use the module without advertisements.
  • Copy existing assessments.
  • Flag questions for follow up.
  • Compare assessments on a Global Dashboard.
  • Upload substantiated evidence to validate answers.
  • Assign categories and specific questions to users.

Request a Quote

tandem Cybersecurity Pro+

tandem Cybersecurity Pro+ includes all of the features of tandem Cybersecurity Pro, plus:

  • Annual training for your Board of Directors.
  • Assistance with reporting to the Board.
  • Consulting services, related to the FFIEC Cybersecurity Assessment Tool.
  • Employee training on tandem.

Request a Quote

Learn More

Identity Theft Prevention Program Software

On November 9, 2007, the Agencies jointly issued final rules and guidelines to implement Sections 114 and 315 of the Fair and Accurate Credit Transactions Act of 2003 (FACT Act). These rules require financial institutions (banks, credit unions, trust companies, mortgage companies) and creditors to develop and implement a written Identity Theft Prevention Program to detect, prevent, and mitigate identity theft in connection with covered accounts. Additionally, the rules require financial institutions to establish policies and procedures to assess the validity of a change of address.

tandem Identity Theft Prevention Program

CoNetrix offers online software to help create your Identity Theft Prevention Program document, along with customizable employee training for Identity Theft Red Flags. Our software follows the FDIC, OCC, Federal Reserve, NCUA, and FTC (the Agencies) red flag rules and guidelines and enables you to efficiently create a complete Identity Theft Prevention Program.

The tandem Identity Theft Prevention Program software includes the ability to:

  • Work through an easy multi-step process to create your program
  • Update your information annually
  • Receive automatic software updates for content and functionality
  • Download your program in an editable Microsoft Word document or as an Adobe PDF
  • Utilize a red flags training course, based on your red flags and covered accounts
  • Modify the course’s content
  • Manage and enroll an unlimited number of users in red flag training
  • Obtain reports to show who has taken and passed the training
  • Download the red flags training as a Microsoft PowerPoint presentation
Learn More

Internet Banking Security Program

On June 28, 2011, the FFIEC issued a supplement to the Authentication in an Internet Banking Environment guidance released in October 2005. The purpose of the supplement is to reinforce the guidance's risk-management framework and update the FDIC, OCC, NCUA, and Federal Reserve’s (collectively, the Agencies’) expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online banking environment.

tandem Internet Banking Security Program

CoNetrix has developed an online software to help financial institutions (i.e., banks, credit unions, savings associations, etc.) go through the risk assessment process and provide customer awareness and education. The tandem Internet Banking Security Program is a stand-alone software module integrated with the tandem Security & Compliance online software.

The program is divided into two components:

  • The Internet Banking Risk Assessment features an easy process with a questionnaire to identify risk levels and help you assign layered controls to mitigate related Internet banking and cybersecurity risk. Your risk assessment is customizable based on your financial institution's unique situation.
  • The Customer Education/Awareness Program will provide your financial institution with the tools to deliver education and security awareness to your customers.

In addition, the tandem Internet Banking Security software will provide you with account takeover (ATO/CATO) template documents to assist in your annual reporting to the board and documenting of incident response procedures.

Learn More

tandem Phishing

As part of employee training, the Agencies (FFIEC, FDIC, OCC, NCUA, and Federal Reserve) directed financial institutions to encourage employee awareness and preparation for a variety of social engineering attacks, including phishing email scams.

What is phishing?

According to the FFIEC Information Security E-Banking Booklet, phishing is “a digital form of social engineering that uses authentic-looking – but bogus – email to request information from users or direct them to fake Web sites that request information.” Just as technical security is necessary for cybersecurity, employee education plays a role in maintaining cybersecurity. Only employees can save themselves from being victims of a phishing email cyber-attack.

CoNetrix has developed an online software to help financial institutions test their employee preparedness to recognize and avoid phishing attacks. tandem Phishing allows you to:

  • Send an unlimited number of automated phishing emails to your employees
  • Contact employees using unfamiliar or recognizable email addresses
  • Select custom groups of recipients for diverse testing results
  • Use CoNetrix templates or create your own
  • Create unique landing pages for user education
  • Review analytics and download reports

Learn More

Policies Software

Policies and procedures are the primary method financial institutions (banks, savings associations, credit unions, and trust companies) use to define controls. Too often, after they are developed, they end up just sitting on a desk and collecting dust until the next exam.

tandem Policies

CoNetrix offers an online solution to help you create and maintain your enterprise-wide policies in tandem. Maintain all of your financial institution’s policies in tandem with special category access roles and an enterprise-wide Acceptable Use Policy (AUP) generated from your individual policies and categories.

Additionally, the tandem Policies module comes with expert-designed Information Security Policies customized for your institution through a questionnaire. The Information Security Policies section includes:

  • More than 55 pre-defined policies, designed to be in compliance with information security and cybersecurity regulations, including Incident Response, Change Management, Core Application, Electronic Banking (e-Banking), Firewall, Mobile Devices, Social Media, and Wireless Network Access
  • Ability to define verification items for each policy and roll them into various committee meeting agendas
  • Each policy is mapped to appropriate regulatory guidance (FFIEC, FDIC, OCC, Federal Reserve, and NCUA) and the system optionally allows you the ability to include the following standards:
    • COBIT 4.1
    • NIST SP800-53
    • ISO Standards
    • PCI DSS vs. 2.0

Learn More

Risk Assessment Software

The Gramm-Leach-Bliley Act (GLBA) and the Interagency Guidelines Establishing Information Security Standards require financial institutions (banks, savings associations, and credit unions) establish an Information Security Risk Assessment.

tandem Risk Assessment

CoNetrix offers an online risk assessment software solution to help banks and credit unions perform an information security risk assessment, per GLBA, as well as individual information asset risk assessments. We designed our software using guidance from the FFIEC, FDIC, OCC, Federal Reserve, NCUA, and CFPB. Our web-based risk assessment software is designed in an easy-to-follow format.

Information Security Risk Assessment

The tandem Information Security Risk Assessment Software includes:

  • A location management tool to assist in identifying likelihood and potential damage based on physical locations
  • A threat questionnaire broken into eight sections to assist in quantifying the likelihood and potential damage associated with threats.
  • More than 60 pre-defined "common" threats to financial institutions, including Biological Pandemic, Remote Deposit Capture, Internet Banking System Misuse, and Wireless Emissions Compromised
  • A confidential information management section to manage data classification and data flow and to document the location of customer information and/or vital records
  • A threat management section to manage controls, information security and cybersecurity compliance, impact, and guidance associated with identified threats

Information Asset Risk Assessments

Additionally, the Information Asset Risk Assessments portion includes:

  • Risk assessment framework with control reduction calculation to assist in quantifying the likelihood and potential damage associated with threats
  • Data type management to manage data classification and to document which assets house various data types
  • A threat management component to manage controls, compliance, impact, and guidance associated with identified threats
  • Multiple risk assessment templates for priority assets, including ATM, Mobile Devices, and Social Media
Learn More

Social Media Management Software

On December 11, 2013, the FFIEC released a guidance on behalf of the FDIC, OCC, Federal Reserve, NCUA, CFPB, and SLC titled "Social Media: Consumer Compliance Risk Management Guidance." The guidance is intended to help financial institutions understand potential compliance, legal, reputation, operational, and other risk associated with social media. As part of the guidance, it is suggested each financial institution have a risk management program to identify, measure, monitor, and control risks related to social media.

Social Media Management

The CoNetrix tandem Social Media Management software will assist financial institutions (e.g., banks, credit unions, trust companies, and mortgage companies) in developing and maintaining a risk management program. In addition to the written program, the tandem Social Media Management software can help you:

  • Manage your social media profiles with one login.
  • Create a custom review process for authoring, scheduling, and approving posts.
  • Publish to all accounts from one secure site.
  • Track and limit employee access to your social media accounts.
  • Monitor social media sites for posts about your financial institution.

The CoNetrix tandem Social Media Management software features three components:

  • The Risk Management Program helps develop and manage your financial institution's social media compliance and risk management program, including governance, policies and procedures, third-party management, employee training, oversight, audit and compliance, and reporting.
  • The Publishing tool allows you to create, approve, and manage your social media posts to multiple outlets from one location.
  • The Monitoring tool allows you to track and monitor information posted about your institution.

Learn More

Vendor Management Software

Financial Institutions (banks, savings associations, credit unions, trust companies) often rely on third parties for different software, products, or services. The use of third parties or service providers does not reduce the responsibility of the Board of Directors and senior management to ensure the third-party products and/or services are safe and sound and comply with applicable laws, regulations, and security best practices. This is accomplished through vendor management.

tandem Vendor Management

CoNetrix offers an online vendor management software solution to help you manage your service providers. The online tandem Vendor Management software includes the ability to manage each vendor individually, using the following sections:

  • Contact Information: Include contact information for the vendor and services.
  • Profile: Record important facts about your vendor with the company profile.
  • Services: Assign and maintain services the vendor provides. Optionally conduct a risk assessment on each service and fill out a questionnaire to determine the relationship significance and required documents.
  • Responsibility: Assign employees to vendors so they can manage the updates.
  • Reviews: Conduct and document regular reviews of the vendor, covering Quality of Service and Risk Management practices.
  • Contracts: Manage and review contracts, with the ability to securely store contracts for business continuity purposes. Get automated email reminders about important dates.
  • Documents: Manage and review supporting documents from vendors (e.g. SSAE16 reports, financial statements, proof of business continuity testing, etc.).
  • Requests: Send requests for documentation to your vendor contacts and receive responses through tandem.
  • References: Document and maintain references for a vendor during vendor selection.

Learn More