Boost Consulting services are designed to assist financial institutions (bank, savings association, credit union, trust company, etc.) with their information security and compliance needs. Our team of professional consultants consists of qualified information security experts who specialize in serving the financial industry. With Boost Consulting, we provide information security knowledge and expertise along with tools that improve information security governance, processes, and controls, and reduce the burden of maintaining compliance.
Boost VISO Consulting complements your organization’s existing ISO role by providing comprehensive, expert-led development and upkeep of all elements of an information security program as described in the Interagency Guidelines for Establishing Information Security Standards and other industry recognized guidance. Our security and compliance experts are qualified individuals who are passionate about Information Security. We can help you navigate the continuous changes and updates to regulatory guidance, security standards, examiner expectations, and the threat landscape.
Boost Consulting offers information security consulting services on an annual retainer basis to supplement your financial institution's information security officer role with knowledge, background, training, and independence specific to the financial industry. By means of semimonthly consulting workshop sessions scheduled over the course of the year, Boost consulting services complement the information security capabilities your financial institution already has. Our security and compliance experts will teach, guide, and equip you to administer your information security program and strengthen it over time.
We can assist you with your information security risk management process from the ground up. Boost Consulting will help you develop and maintain an annual "reasonably foreseeable" information security risk assessment, Internet banking risk assessments, and asset-specific risk assessments to provide a strong foundation for your risk-based Information Security Program.
Boost Consulting will facilitate the development of the BCP, utilizing a Business Impact Analysis (BIA), to address adverse events such as natural disasters, technological failures, human error, and terrorism. In addition, Boost Consulting will assist with orientation/walkthrough and tabletop/mini-drill tests, the first two levels of BCP testing according to the FFIEC.
Information Security Policies establish the foundation for a customized security program for your financial institution. Boost Consulting will partner with your institution to produce Information Security Policies, which are comprehensive and easily expandable to incorporate organizational changes.
Boost Consulting will assist your financial institution with its vendor management program by providing a framework to streamline the process of collecting, reviewing, and documenting pertinent information about your third-party service providers.
Using our experience implementing, auditing, and testing technology for financial institutions, Boost Consulting will assist with finalizing your Cybersecurity Assessment Tool (CAT) by providing industry knowledge, expertise, and peer group analysis within each domain. We will also use the results of your CAT to prepare a cybersecurity presentation in order to communicate cybersecurity information to your Board of Directors, management, or committees of the Board. This service transforms the CAT from a compliance exercise into a communication tool that provides actionable cybersecurity information.
Boost Consulting will implement an audit tracking process designed to help your financial institution track issues and manage responses to audits, exams, and any other form of internal or external testing. The audit tracking program centralizes responses and follow-up testing and provides up-to-the-minute reports so that the status of responses and issue resolution can be easily monitored and communicated to the Board, management, audit committee, and examiners. For financial institutions who perform their own internal audits, Boost Consulting can also help you design and implement an automated audit management process for creating and conducting audits.
Boost Consulting will help you develop an incident response plan for your organization. Our process is based on NIST's Computer Security Incident Handling Guide, the gold standard for incident management and response. We will help you customize your plan, document roles and responsibilities, develop action plans, and more. Be ready for any incident. After an incident, your Boost Consultant can provide guidance in finalizing incident documentation and updating your plan as needed.
Boost Consulting services add value to your Tandem license subscription. When you partner with a Boost consultant, you inject experience and expertise into your information security program. Boost Workshops for Tandem Software include two 90-minute sessions for one Tandem product. Get a jumpstart on using the software, learn best practices, and get your most pressing questions answered with the help of an experienced consultant. Boost Workshops are available for the following Tandem products:
To learn more about Tandem, visit conetrix.com/Tandem.