Risk Assessment Requirements
Section 501(b) of the Gramm-Leach-Bliley Act of 1999 (GLBA) requires that credit unions have an Information Security Risk Management Program. One of the major components of the program is an ongoing risk assessment program. The FFIEC is fairly specific as to how this should be done. Admittedly, a proper risk assessment is a large, difficult undertaking that, according to the FFIEC guidelines, mandates objectivity and requires a multidisciplinary approach.
How does CUC conduct a Risk Assessment for a credit union?
Credit Union Consulting can conduct a compliant risk assessment for your credit union that will help you learn about your IT infrastructure and satisfy the examiners. CUC uses a methodical process to evaluate the risks your credit union faces and the controls that you have in place to mitigate those risks. We produce a concise report that you can discuss with your board of directors and examiners. We will also make suggestions as to what further controls you need to consider putting in place.
Once a risk assessment is completed, a credit union can then develop policies that are supported by the assessment of its unique situation. Together, these policies are generally referred to as the Information Security Policy.
If you are not a client of Credit Union Consulting's IT Services, you will need an IT Audit in order to have an accurate IT Risk Assessment.
If you would like to learn more about our IT Risk Assessment, you can contact the following:
Paul Elder 614-848-5400 ext 121 or email Paul
Larry Krietemeyer 614-848-5400 ext 143 or email Larry