 |
|
 |
 |
|
Network Quality Assurance: NCUA Compliance ProcessKnow your network The National Credit Union Association (NCUA) requires that institutions must ensure their information systems and confidential data are kept safe. Specifically, they all must establish administrative, technical and physical information safeguards to:
The board of directors are ultimately responsible for overseeing the implementation and maintenance of their organization's information security program, and for the consequences if it fails. Congruity Inspector's one-click, self-audit feature places the control and peace-of-mind in their hands offering a consistent and repeatable way to document technical and administrative status and verify security compliance. Congruity Inspector delivers the best cost-performance of any network qualtiy assurance solution, providing an objective 168 hour IT security profile for less than 1 minute of effort. Credit Union are required by law to conduct a risk assessment at least once annually. However, with IT threats on the rise, a single audit using conventional risk assessment methods are not sufficient. A penetration-test and vulnerability scan provide only static, moment-in-time snapshots of known flaws. They don't identify unknown flaws or operational threats conditions. These are the causes of system compromise and confidential data leaks which can occur in spite of a fully-patched and properly-configured network. Congruity Inspector offers an easy, comprehensive, and cost-effective way to regularly identify these issues and reduce Information System and data security risks. Congruity Inspector NCUA Assessment Process 1. Identify reasonably foreseeable internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of member information or member information systems; Congruity Inspector delivers a comprehensive profile of internal and external threat conditions including: system and confidential data exposure, misuse, abuse and malicious usage activity. Findings are generated automatically upon completion of an audit and contained in several easy-to-understand executive reports (.pdf format) along with with additional details and forensic information contained in the Web-based graphical report interface. 2. Assess the sufficiency of policies, procedures, member information systems, and other arrangements in place to control risks. Congruity Inspector's on-demand, one-click audit feature enables users to automatically verify & document security controls and policy status. Users can easily determine the sufficiency of policies and procedures associated with network status (perimeter, endpoints), technology effectiveness (firewall, Web filter, Anti-virus, Anti-Spyware, Anti-Spam, Email filter), on-line communications (SMTP, POP3 Web-based email, IM/Chat, file uploading/downloading), offensive and confidential content entering and leaving the protected network along with external and internal user behavior. Users can objectively assess the sufficiency of existing risk controls on-demand and as often as necessary--with an absolute minimal amount time, effort and cost. One-Click NCUA Compliance Congruity Inspector simplifies NCUA compliance, automating the review and documentation process that identify threats that leave IT systems and confidential data exposed. |
|