GLBA Risk Assessment Services
We can assist you with your information security risk management process from a product- or vendor-specific risk
assessment to a comprehensive Information Security Risk Assessment, as part of your Information Security Program.
Boost RA—Risk Assessment services
CoNetrix will help you produce and maintain an information security risk assessment addressing "reasonably
foreseeable" threats as defined in and required by the Gramm-Leach-Bliley Act (GLBA) and the Interagency Guidelines Establishing Information Security Standards.
Specifically, we will:
- Guide you through the development and maintenance of Information Security and Asset-Based Risk Assessments
- Provide documentation and reporting for risk assessments
- Review and update customer information locations
- Assist in defining reasonably foreseeable internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of sensitive information or information systems
- Help assess the likelihood and potential damage of threats to the bank's operations using a threat-based model
- Assess the risk posed to specific assets using an asset-based risk assessment model
- Facilitate creation of a Risk Management Plan, where needed
- Evaluate and incorporate threats to Information Assets into policies appropriate to the bank’s Information Technology operations
- • Assess policies and procedures for general regulatory compliance
- Creation of an Information Security Risk Assessment Revision Log in Tandem to note significant changes or applicable threats (new, deleted, rename, and risk level changes).
- Provide a summary report to the Board of Directors detailing the scope and depth of the institution's risk assessments
- Generate finalized documents, including Board reporting
- Provide training on how to use the Tandem Risk Assessment and Tandem Internet Banking Risk Assessment modules
Boost + Tandem
This engagement requires a subscription to
Tandem Risk Assessment and
Tandem Internet Banking Risk Assessment (if applicable).
As a part of Boost Consulting, we will provide training and assistance with using the software.
The Tandem Risk Assessment module interfaces with the modules listed below. By purchasing and using multiple modules,
users have the advantage of mapped integrations for policies, vendors, and assets. Ask your account representative about
additional consulting services for these modules.
Ready to get started?