BSI specializes in providing security services for the financial industry (banks, savings associations, credit unions, and trust companies). Our extensive experience in working with financial institutions through examinations and audits makes us uniquely qualified to provide these services. BSI security specialists understand the technology and applications utilized in the financial industry as well as the regulatory requirements imposed on individual institutions. BSI strives to provide superior service and customer satisfaction. To see how BSI security customers rate us, click here. Below are a few of the security and compliance products and services we can provide.

GLBA Compliance and ISO Consulting

BSI Consulting Services are designed to assist financial institutions (bank, savings association, credit union, or trust company) with their information security and compliance needs by providing professional consultants who are qualified information security experts in the financial industry.

BSI Consulting Services include:

• BSI ISO – Information Security Officer support designed to complement the capabilities your financial institution currently maintains. Various services available include: incident response, employee security awareness training, annual report to the Board, security committee consulting, full information security program development and support.
• BSI RA – development and maintenance of an Information Security Risk Assessment
• BSI BCP – development and maintenance of a Business Continuity Plan
• BSI POL – development and maintenance of the institution’s Information Security Policies BSI VM
• – assistance with the institution’s vendor management program
• BSI CAT – consulting and services association with the Cybersecurity Awareness Tool
• BSI AM – audit and exam management services

External Penetration Testing

A BSI Penetration Test allows you to identify potential weaknesses within your network perimeter, whether structural, technological, or procedural.

Areas Analyzed

A BSI Penetration Test includes an in-depth analysis using multiple tools and focuses on the following areas:

• Internet connections (scanned quarterly)
• Phone lines
• Scanning for thousands of vulnerabilities
• Perimeter strength using non-intrusive hacker utilities
• Wireless vulnerabilities
• Employee security awareness (Social Engineering)

In addition, we can customize a solution to fit your needs. Some common variations include:

• Internet Vulnerability Test
• Social Engineering
• Telecom Test
• Web Application Assessment
• Wireless Test

IT/GLBA Audit & Assessment Services for Financial Institutions

A BSI IT/GLBA Audit and Network Assessment of your company’s information systems will help you comply with regulatory guidance, the Gramm-Leach-Bliley Act (GLBA), and industry best practices.

Areas Analyzed

A BSI IT/GLBA Audit and Assessment includes an analysis of existing Information Technology infrastructure, compliance with the Gramm-Leach-Bliley Act, policies and procedures, and security controls. Our Audit and Assessments include the following fourteen areas:

• Audit processes and procedures
• Management and operations
• Vendor management
• Information Security Program
• Development and acquisition
• Support and delivery
• Information technology infrastructure (including virtualization if applicable)
• Data and physical security
• Wire/ACH Technical Controls
• E-Banking
• Disaster Recovery Planning/Business Continuity Planning
• Identity Theft Prevention Program
• Remote Deposit Capture
• Unlawful Internet Gambling Enforcement Act (UIGEA)

In addition, we can customize the audit engagement to fit your needs. In some cases, we are asked to narrow the scope of the engagement to one of the following types of audits:

• Cybersecurity Assessment/IT Security Review
• GLBA Audit
• IT General Controls Audit
• Network Vulnerability Assessment
• Virtualization Audit