Bank IT Controls Review
FFIEC / FDIC / GLBA /FACTA
Our Information Security Managerial Controls Review (MCR) assesses the organizations security program including:
Information Systems Policies Review and Assessment
Technical Controls and Aggregate Security
Through interviews, documentation review and testing E3 evaluates an organizations adherence to a desired standard. This standard can be a specific security standard (like NIST) or industry best practice. Managerial and operational (policies and procedures) controls are the foundation of all organizational security controls.
IT managerial and operational controls should set the tone for the organization with regard information security. For nearly 20 years E3 has been providing banks and other financial institution with GAP assessments for their IT controls based on FFIEC, GLBA, FDIC, FACTA and state examination standards.