14 HќќѠіђџȱ юћјђџ ѢљѦȱ2014 PSP SHOWCASE ¡DZȱ ȱ ȱ ȱ ȱ ȱȁ ȱ ȱ Ȃ M¢ȱȱȱȱĜȱȱ explain what the regulatory examination process is like. Bankers face multiple exams, internal audits, external audits, loan reviews and information technology audits, to name a few. When a bank tries to select which service provider can best assist in preparing for these various reviews, it would be ideal to work with a provider that understands the examination process thoroughly … by being examined by the same regulators. Infotex, an Indiana Bankers Association Diamond Associate Member, has been an IBA Preferred Service Provider for years, assisting banks in many IT areas. In addition to providing audit and assessment services, consulting services and assistance with IT policies and procedures, the company also provides monitoring services. These services cause Infotex to be in the examination program of the Federal Financial Institutions ¡ȱ ǰȱĴȱȱȱ the receiving end of examinations and audits on a regular basis. As a result, Infotex understands the ȱȱęȱ¡ǰȱ helping it to provide quality risk assessments, IT management practices reviews and Internet banking controls reviews to the banking community. Banks enjoy peace-of-mind assurance that Infotex knows what needs to be reviewed to be prepared for any IT-related examination. Within the area of audit and ȱǰȱ ¡ȱěȱ services covering IT audit services, external penetration testing/internal network scanning, social engineering testing, Gramm-Leach-Bliley Act risk assessment, IT governance, Internet banking controls review, physical security and environmental controls review, business continuity plan ǰȱ ȱęȱǰȱ vendor due diligence review and Web application security review. IT assessment and audit, for example, address both the nontechnical and technical aspects of clients’ ǰȱ ȱęȱȱ systems auditors providing a comprehensive approach to IT audit. Additional considerations include social engineering, IT management practices, security procedures in accordance with regulatory requirements, and industry best practices. Dan Hadaway, Infotex managing ȱȱȱĜǰȱȱ his team also can assist with various areas of consulting services and awareness training. They will prepare presentations centered around the bank’s acceptable use policy, help boards of directors understand their responsibilities for IT governance and information security, and customize training to the bank’s ęȱȱȱȱȱȱ vendor due diligence, technology risk management, incident response ȱȱȱęǯȱ ¡ȱ¢ȱěȱȱ and procedure templates and can ȱȱȱȱȱęǯ ȱ ȱěȱȱ ¡ȱȱ an event log management system, providing 24/7 monitoring of all logs for critical and noncritical events, ęȱȱ ȱȱȱ events. The company responds in real time to critical events per clients’ customized business rules, with templates simplifying the process. Daily interactive reports, intrusion prevention/detection service and change detection round out the layers of security. Monthly scans of external networks seek open ports to detect ǰȱȱȱĴȱ changes to the perimeter security stance. When making your next decision regarding IT-related services, consider a company that knows the яќѢѡȱѡѕђȱ Ѣѡѕќџ ȱ ¢ is vice president-products & services of the ȱ ȱ , and also serves ȱȱȱȱȬęȱȱ ȱ¢ȱ the IBA. He can be reached at 317-387-9380, email: rlasley@indianabankers.org.
RkJQdWJsaXNoZXIy MTg3NDExNQ==