Financial Institutions

Financial Institution IT System Examination Services

We offer periodic independent examinations of Information Technology (IT) systems, including processing issues. Our examinations may include Internet banking, telephone banking and network operations. We perform such exams according to regulatory examination guidelines for information systems. We also perform customized IT exams as requested by management. Our reports provide recommendations for improvement in IT operations and security.

Our IT reviews combine an audit approach with an understanding of technology and current industry standards for policies and management of IT operations. Among areas covered are:

  • Internal policies and procedures guiding computer operations
  • Performance of daily operations
  • Firewall security and operation
  • Review intrusion tests and remediation previously done
  • Business continuity planning and backup procedures
  • Information Security Program, as required by the Gramm-Leach-Bliley-Act
  • Risk assessments
  • Internet banking operations and security
  • Oversight of IT vendors
  • Telephone banking operations and security
  • Fedline and other EFT software and services, security and procedures
  • Internal policies and procedures governing commercial ACH services
  • LAN security and operations
  • WAN security and operations
  • Mainframe users’ access controls
  • Management of Microsoft vulnerabilities and patches
  • Anti-virus software protection and usage
  • Internet service provider’s security and capabilities
  • End-user practices and security concerns
  • Management’s oversight and support of IT operations
  • Vulnerability/Security assessments: this includes performing actual scanning of the network, both internally and externally, and probing of network devices to determine exploits and threats.