What It Is: An audit of a credit union’s security posture in
addition to control validation. This engagement is designed to
fulfil the requirement for credit unions to complete this testing
with an independent auditor on an annual basis. We scope the
engagement following industry standards outlined in the FFIEC
handbook and including the NCUA ACET assessment items.

 

Why You Need It: Today’s credit unions rely heavily on
technology to run their operations, serve their members and
execute their business initiatives. There are many risks to these
critical technologies including bad actors, improper setup,
environmental hazards and more which can have negative
impacts from lost revenue to reputation. Having a strong
cybersecurity posture will help ensure your business’s
critical technologies and data remain safe and secure.

 

Our Approach: Our team consists of qualified, certified
experts with decades of IT audit and assessment experience.

 

Value: We not only audit the credit union’s information security,
we will also engage in control testing and validation, to provide
value beyond just meeting the regulatory requirement.

 

Always Evolving: The design of the IT General Controls audit
adapts and evolves in alignment with the FFIEC and industry
best practices.

 

Consultative: Our clients want more than just to know where
their challenges and issues are. Our approach goes a step
further, so not only do we outline the risks, we also provide
recommendations on the best path forward, so your credit
union always has a plan for progress.

Our IT General Controls Audit/Assessment Focuses On:
• Information Security Governance
• Risk Management
• Vendor Management
• Business Continuity and Disaster Recovery
• Incident Response and Management
• Physical Security
• Perimeter Security
• Internal Network Configuration
• Data Administration
• Endpoint Security
• Monitoring, Logging and Alerting
• System Maintenance
• Change Management
• Network User Access Control
• CIS Critical Security Controls
• Physical Controls

Additional Services Include:
• Cloud Security Assessment
• Ransomware Assessment
• Penetration Testing
• Vulnerability Assessment
• Social Engineering Testing

Cost:
Starting at $6,400 for an institution under $100M in assets.
We offer discounts on multiyear commitments.

​

Connect with us today to learn more about our IT General Controls
Audit/Assessment and offerings. Put our experience to work for you!