ATTUS' Risk and Information Security Consulting Services

In 2002, ATTUS expanded its role as Trusted Advisor to its clients by adding Risk and Information Security Consulting (RISC) Services to its offerings. Today our RISC Services Consultants are counted on by over 4,500 clients.  They put their extensive knowledge, industry expertise and reliability into developing and conducting services that help financial institutions and other businesses meet their Gramm-Leach-Bliley Act (GLBA), Bank Secrecy Act (BSA) and Red Flag Rules compliance. 

• A thorough assessment and investigation of the areas being explored
• The use of sophisticated technology and intuitive manual techniques for a comprehensive approach 
• Detailed reports with a full accounting of the service provided, its results and our experts’ recommendations for mitigating identified and foreseeable risks
• Access to ATTUS’ industry experts who engage your institution’s representatives to establish communication and trust before, during and after the service 

Information Security Review:  This comprehensive assessment of your Information Security Program encompasses all of your institution’s electronic and paper based information. The ATTUS RISC Services Consultant assigned to your review will:

• Examine your policies, procedures, physical security and technology across all business lines
• Assess your Information Security Program’s ability to protect your confidential data
• Identify any gaps uncovered and outline recommendations to close those gaps   

BSA Review Service:  The focus of this review is your institution’s overall risk management program. ATTUS consultants will work to ensure your institution’s compliance with the Bank Secrecy Act, OFAC and other related Anti-Money Laundering laws and regulations by:

·        Conducting an extensive on-site review of all your written policies and procedures

·        Assessing the adequacy of your currency transaction reportings, SARS, CIP, CDD and your employee training programs

·        Providing access to the ATTUS’ BSA/AML risk assessment tool which you can use to create your institution’s own risk assessment document or to enhance your existing one

External Penetration Test:  Complete your institution’s required annual testing of its network defenses with ATTUS’ comprehensive External Penetration Test. Using proven methodology that mirrors the assault methods of unethical attackers, our consultants help detect and reinforce network vulnerabilities by:

·         Assessing your network perimeter’s defenses including your firewall, perimeter routers, web and mail servers and more

·         Performing reconnaissance and scanning to uncover exploitable weaknesses

·         Completing a “safe” exploit attempt to help you stay one step ahead of such attacks

Social Engineering Test: This test helps explain the sinister intentions and underhanded techniques of attackers to everyone within your organization by performing actual simulations of malicious social engineering. The result is a higher priority on the importance of safeguarding confidential information such as user names and passwords. Our consultants:

·         Test the porosity of the everyday tools used by your employees (email, phone and internet)

·         Attempt to solicit confidential information through those tools

·         Help to educate your employees on the appropriate reactions to such requests for confidential information   

Red Flag Review Service: Determine the adequacy of your Identity Theft Prevention Program with the help of ATTUS consultants during our Red Flag Rules Review Service. Our consultants will work to ensure that your program encompasses the key elements of an effective Red Flags Rules program as outlined by the FACT Act. This includes:

• Helping ensure that your covered accounts, and the appropriate red flags for them, have been properly identified
• Assessing the effectiveness of your institution's defined responses to red flags
• Determining if your institution is properly administering its program

Contact us at 1-888-494-8449 today to learn more about the ATTUS RISC Services Group or any of its solutions to your institution’s compliance needs.