Information Security Policies Management Software

Policies and procedures are the primary method financial institutions (banks, savings associations, credit unions, and trust companies) use to define controls. Too often, after they are developed, they end up sitting on a desk and collecting dust until the next exam.

CoNetrix offers an online solution to help you create and maintain your enterprise-wide policies in Tandem.

The Tandem Policies product is populated with an Information Security Policies set, created by CoNetrix security experts and tailored for your institution through a multiple-choice questionnaire.

The Information Security Policies set includes:

  • Content for more than 40 recommended policies, designed to be in compliance with information security and cybersecurity regulations. Template policies include: Change Management, Core Application, Digital Banking, Incident Management, Intrusion Detection and Prevention, IT Asset Management, Mobile Device Management, Social Media, User Authentication, and Vendor Management.
  • The ability to define verification items for each policy and combine the items into meeting agendas for your various committees (e.g., Audit Committee, Security Committee, etc.).
  • A mapping to appropriate regulatory guidance (i.e., FFIEC, FDIC, OCC, FRB, and NCUA). Additionally, Tandem allows you to optionally include references to the following standards:
    • COBIT 2019
    • NIST SP800-53
    • PCI DSS vs. 4.0
    • CIS Controls 8.1

In addition to the Information Security Policies set, you may use the Tandem framework to maintain all of your financial institution's policies. Add your own policy language and assign user access based upon unique categories (e.g., Human Resources, Lending, Operations, etc.). Use global reporting to generate standardized documents, such as an enterprise-wide Acceptable Use Policy (AUP) or your full policy set, ready to share with your employees, auditors, examiners, and Board of Directors.

Features

The CoNetrix Policies software is feature-rich, including:

  • Suggested Information Security Policies created and updated by security and compliance experts
  • Downloadable documents in Microsoft Word and/or Adobe PDF formats
  • New features and updates are automatically included with your annual subscription
  • Free training workshops to help familiarize you with the software
  • Integration with other CoNetrix online software
  • Anywhere/anytime Internet access through a secure, online portal
  • Multi-factor authentication (optional)
  • Single Sign On (SSO) integration using SAML 2.0
  • Multi-user access
  • No software installation or equipment costs
  • The ability to manage several companies' Policies with one login (requires a subscription for each company)

For professional services, ask your account representative about adding Boost Consulting services.