6,337

18,043

 


"Tackling new projects takes a lot of time and effort. But with cbanc, this is a solution that gives me real work savings. Using the cbanc Network doesn't take up my time, it gives me my time back."

Rich Moldenhauer
Flagship Bank Minnesota

 
 
IT Risk Assessment Spreadsheet Template
Contributed by:VP‚ Technology
Asset size: Bank with under $250m
Location: Midwest
Description: A 3-tabbed spreadsheet currently in use for documenting an IT Risk Assessment. Items in 19 categories are described and rated according to Priority/Severity and Likelihood and a line item "Risk Rating" is automatically computed. Includes a tab with definitions and a tab with summary counts suitable for sharing with committee or board of directors. Each item has a column for Remarks and then three columns to describe the Preventative, Detective and Corrective Mitigation(s) of that line item. Categories include Physical Security, Software & Hardware Development & Acquisition, Information Security, System Security, Contingency Planning, Core Processing, ACH, ATM/Debit Card, Internet Banking, Bill Pay, Check Imaging, Document Imaging, Report Archival, Telephone Banking, Telephone System, Deposit Origination, Loan Origination, Credit Card Processing, and Wire Transfer.

SIGN UP TO DOWNLOAD


MORE PEER CONTRIBUTED DOCUMENTS:

83 Documents 60 Answers 81 Exam Watches 25 Vendor Reviews

GLBA & IT Infomation Security Risk Assessment
Asset size: with under $250m
Description: This GLBA\Information Security Risk Assessment and IT Risk Assessment is 21 pages and covers all aspects of Information Security. It has been continuously refined over the last eight years. The assessment has been well received by IT auditors, State Examiners, and FDIC. The Risk Assessment Methodolgy and Risk Assessment Device Classification are two other documents available in cbanc that support this risk assessment module.
Risk Assessment Template New Product/SErvie
Asset size: with over $1b
Description: This is a template to be used to create risk assessments for new products and services. It has not been fully vetted in an examination, but state examiners did review one completed risk assessment in this format and were very complimentary.
Customer Information Security Risk Assessment Template
Asset size: with between $500m - $1b
Description: Annual review completed for the - Annual Information Security Risk Assessment review for safeguarding customer information. Sheet is a template used that includes template information for 30 different locations/software that customer information is located and/or stored.


RELATED QUESTIONS AND ANSWERS:
Q
Technology related Risk Assessments
Asked by: Technology
Asset size: Bank with
Location:KY

I was wanting some input on what other banks are doing on Technology related risk assessments. I have our Information Security Program risk assessment and our E-Banking or Internet Banking risk assessment as a separate documents. Our examiner didn't care for the fact that they were separate documents.

Any info on this subject would be greatly appreciated.
A
Answered by:AVP, ‚ Vendor Management/Vendor Selections
Asset size: Bank with between $500m - $1b
Location: TX

We use a risk assessment template provided by GFM Consulting, Inc. out of Birmingham, Ala...
Q
Bank wide risk assessment
Asked by: President,‚ President
Asset size: Bank with
Location:CA

Does antyone have a reasonable bank wide risk assessment model suitable for a $100M bank?
A
Answered by:SVP, ‚ Compliance/BSA/Legal
Asset size: Bank with under $250m
Location: OH

Our bank is a $54M bank. I have a Risk Matrix that we produced from several other models,...


RELATED EXAM EXPERIENCES:
FDIC - IT | August 2011
exam experience posted by a SVP‚ Risk Management from member with between $500m - $1b in assets
Big focus on Regulation GG - Internet Gambling
State Regulatory - BSA/AML | March 2013
exam experience posted by a SVP‚ Compliance/BSA/Legal from member with between $250m - $500m in assets
Mandating that we have a purpose stated for all outgoing wire transfer transactions. Mandating that each origination information be reviewed prior to posting to customers account. The detailing of specific policy wording that did not meet the BSA/AML examination requirements (never questioned previously by State or FDIC). Provides no benefit to the Bank only to the examiner. The wording changes result in no operational or compliance changes jsut busy work. No technical violations, but kept referencing that these words must be included in the policy. Made recommendations to chaneg policy content when the content being required was already present.
FRB - BSA/AML | December 2013
exam experience posted by a Manager‚ Compliance/BSA/Legal from member with between $250m - $500m in assets
None

RELATED VENDOR REVIEWS:
Risk assessment/risk management
HEIT
Risk Assessments for Financial Institutions
Alex Information
Information Technology (IT) risk assessment
WolfPAC
Risk Assessment
Catalyst Consulting Group
Risk Assessment
T HOUSTON TECHNOLOGY

 
 

GET INVOLVED