Our Information Security Managerial Controls Review (MCR) assesses the organizations security program. E3 evaluates organizations adherence to a desired standard. IT managerial and operational controls should set the tone for the organization with regard information security.

For nearly 20 years E3 has been providing credit unions with GAP assessments for their IT controls based on FFIEC, NCUA and state examination standards.

Some of the more common gap assessments we provide are


Unified FFIEC

ISO 27002

NIST 800-53

Nist cyber security

nist 800-171