NETBankAudit - Cyber Audit Specialists Assessement Services   
Information Security Risk Assessment
and IT Audit Specialists
 
Home
Company
       º About NETBankAudit
       º Management
       º Staff
Services
       º External Testing
       º IT Vulnerability
       º Internet Banking Risk
       º GLBA Info Risk
       º IT Audit
       º BC & DR Planning

Articles & Info

Regulations

Contact Info

NETWORK SECURITY ASSESSMENT
Positive experience or another trip to the Dentist? What you should be getting from your audit?

Download Acrobat Reader
  You will need Adobe Acrobat Reader to view and print this file.  If you don't have Acrobat Reader, please download it now it's FREE.

Internet Banking Risk Assessment

Authentication controls and practices for Internet banking has become an issue of importance for financial institutions following the FFIEC's recent Interagency Guidance on Authentication in an Internet Banking Environment. To meet the requirements outlined in the guidance, financial institutions will need to evaluate their Internet banking authentication controls by mid-2006 in order to have appropriate technologies in place by year end 2006 or early 2007, as required. The first step will be to prepare an "Internet Banking Authentication Risk Assessment" in first/second quarter of 2006 that evaluates the institution's Internet banking environment, required enhancements, and plans for meeting those needs. Examiners will be expecting to see evidence that a risk assessment was done and what the results dictated for next steps.

Following the risk assessment, institutions will be expected to move forward with appropriate new technologies in late 2006 and 2007. However, many challenges will arise in the process of selecting the appropriate technologies to address security requirements and also meet the convenience needs of customers. The ability of existing Internet banking application service providers will also affect financial institution's abilities to implement a timely and appropriate solution for Internet banking authentication.

NETBankAudit is a leader in defining methodologies for and performing risk assessments for information security and IT systems specific to the financial services industry. Our processes for conducting risk assessments,  audits, and network vulnerability assessments are designed to meet FFIEC requirements and industry best practices, including standards specified by
the Gramm Leach Bliley Act and Sarbanes Oxley Act. Our many years of experience with financial institutions provide a unique advantage in terms of specialization and expertise.

Cindi Bonnette, our Director of Information Security Risk Assessments, who was previously an Assistant Director of Bank Technology for FDIC, states that "Bankers must take timely action to address the initial requirement for an Internet Banking Risk Assessment. However, many bankers will need assistance with this process to ensure that the necessary elements are
covered and supporting documentation meets the regulators' expectations.  While the scope of the Internet banking authentication risk assessment will be similar to a standard system-specific risk assessment, this process will be more closely scrutinized and has a shorter deadline for accomplishment."  NETBankAudit is available and prepared to meet your bank's needs for

Click here for the FFIEC guidance on "Internet Banking Authentication" in PDF format.

Click here for the American Bankers article on "Web Authentication Report Cites Three Standouts" in PDF


 
© 2005-06 NETBankAudit. All rights reserved.