Security Services
for Credit Unions
The objectives of
E3 Technology's review services are to review the general controls
relating to your computer systems, network, (including Internet
connections), and equipment which provide access to the Credit
Union's host system in order to identify internal control strengths
and weaknesses.
Using the NCUA's
Information Systems & Technology Examination Program (ISTEP),
we evaluate existing security standards against best practice
standards to determine findings and recommendations for improvement.
The NCUA's ISTEP utilizes three tools:
- e-Commerce I (EC1):
A high-level e-Commerce questionnaire for reviewing e-commerce
services and activities.
- e-Commerce II
(EC2): Detailed questionnaire for reviewing e-Commerce services
and activities.
- ELECTRONIC DATA
PROCESSING Review (EDPR): Electronic Data Processing review
program for reviewing a credit union's overall information
and technology systems.
Our review may encompass
any of the three ISTEP questionnaires and rely upon further
standards defined by the OCC, FFIEC, state examination regulations,
BS7799, GASSP, CoBIT, and other pertinent standards. We fulfill
the examination through observation, as well as through compliance
and attribute testing. E3 Technology team members have provided
security and review services for over 100 financial institutions.
An E3 review results in a deliverable report detailing precise
control recommendations. Our recommendations are specific, technical,
and immediately useful as a working document for remediation
of all listed control concerns.
We would be pleased
to submit a proposal for service, so please contact us for more
information or download and return our Request for Proposal
questionnaire.
