GLBA Risk Assessment Services

We can assist you with your information security risk management process from a product- or vendor-specific risk assessment to a comprehensive Information Security Risk Assessment, as part of your Information Security Program.

Boost RA—Risk Assessment services

CoNetrix will help you produce and maintain an information security risk assessment addressing "reasonably foreseeable" threats as defined in and required by the Gramm-Leach-Bliley Act (GLBA) and the Interagency Guidelines Establishing Information Security Standards.

Specifically, we will:

• Guide you through the development and maintenance of Information Security and Asset-Based Risk Assessments
• Provide documentation and reporting for risk assessments
• Review and update customer information locations
• Assist in defining reasonably foreseeable internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of sensitive information or information systems
• Help assess the likelihood and potential damage of threats to the bank's operations using a threat-based model
• Assess the risk posed to specific assets using an asset-based risk assessment model
• Facilitate creation of a Risk Management Plan, where needed
• Evaluate and incorporate threats to Information Assets into policies appropriate to the bank's Information Technology operations
• Assess policies and procedures for general regulatory compliance
• Creation of an Information Security Risk Assessment Revision Log in Tandem to note significant changes or applicable threats (new, deleted, rename, and risk level changes).
• Provide a summary report to the Board of Directors detailing the scope and depth of the institution's risk assessments
• Generate finalized documents, including Board reporting
• Provide training on how to use the Tandem Risk Assessment and Tandem Internet Banking Risk Assessment products

Boost + Tandem

This engagement requires a subscription to Tandem Risk Assessment and Tandem Internet Banking Risk Assessment (if applicable).

As a part of Boost Consulting, we will provide training and assistance with using the software.

The Tandem Risk Assessment product interfaces with the products listed below. By purchasing and using multiple products, users have the advantage of mapped integrations for policies, vendors, and assets. Ask your account representative about additional consulting services for these products.

• Tandem Business Continuity Planning
• Tandem Information Security Policies
• Tandem Vendor Management

Ready to get started?

Start the conversation