The Gramm-Leach-Bliley Act (GLBA) and the Interagency Guidelines Establishing Information Security Standards require financial institutions (banks, savings associations, and credit unions) establish an Information Security Risk Assessment.
Use version tracking to access data from previous versions of the risk assessment, compare data in the risk assessment over time, and identify trends from year to year.
Use Tandem’s asset risk assessment framework to go step-by-step through the assessment process.
Quantifying the likelihood and potential damage associated with threats is made easy with a simple control calculation tool. Use the information captured to easily report on your risk posture.
Get started right away by using our risk assessment templates designed for common information security assets.
Begin with our recommended guidance, threats and controls. Then use the framework to tailor each assessment to perfectly reflect your organization.
Effortlessly generate consistent and professional documents on the fly to share with your executive team, board of directors, auditors and examiners.
These customizable documents are available in Microsoft Word and Adobe PDF formats.
CoNetrix offers an online risk assessment software solution to help banks and credit unions perform an information security risk assessment, per GLBA, as well as individual information asset risk assessments. We designed our software using guidance from the FFIEC, FDIC, OCC, FRB, NCUA, and CFPB. Our web-based risk assessment software is designed in an easy-to-follow format.
The Tandem Information Security Risk Assessment Software includes:
Additionally, the Information Asset Risk Assessments portion includes:
Tandem Risk Assessment also includes custom risk assessment templates. Add your own threats and controls or incorporate CoNetrix suggested threats and controls to assist in the creation of various assessments. Custom assessments can be mapped to controls and guidance.
For internet banking risk assessments, use Tandem Internet Banking Security Program—which can be purchased separately and integrated with the Tandem Risk Assessment module.
Use the Tandem Policies integration, which allows users to customize a set of more than 50 pre-defined Information Security Policies, already mapped to your Information Security Risk Assessment threats.
Additionally, the asset management tool integrates with Tandem Vendor Management and Tandem Business Continuity Planning modules to show connections among assets, vendor services, systems, and software, per the updated FFIEC Information Security Booklet.
The CoNetrix Information Security Risk Assessment software is feature-rich, including: