Bank Information Security Support Services
pf | Pulliam and our teaming partner IT Solutions Plus have created an information security service offering that will assist banks in meeting their regulatory requirements. The offering will address requirements specified in: Gramm-Leach-Bliley Act (GLBA) Section 501b, Patriot Act, Sarbanes-Oxley (SOX) Section 404, credit card security, etc. The service is not meant to address all of the requirements specified in these regulations, but to assist banks in addressing many of these security controls.
- Conduct an IT Risk Assessment - Our staff will conduct an IT risk assessment that meets the organization's requirements and follows standards as outlined in GLBA, SOX 404, ISO 17799, etc. Our staff will work closely with our banking client to determine all relevant regulatory requirements and develop a customized questionnaire and assessment that will meet your bank's individual needs.
- Develop and Present Information Security Awareness Training - Our staff will provide assistance in developing and delivering information security awareness and training support. The training material that our staff develops will address general users and management staff.
- Develop and/or Update Information Security Policies and Standards - Our staff will provide assistance in the development, update and/or maintenance of information security program and policies, standards, and procedures. We work closely with the CSO and any other pertinent staff to ensure that the documentation developed meets the organizational needs. We can also assist a federal agency in developing hardening and configuration guidelines.
- Provide Computer Security Officer (CSO) Support - Our staff will provide assistance in the development, update and/or maintenance of information security program and policies, standards, and procedures. We work closely with the CSO or can act as the CSO to ensure that the documentation developed meets the organizational needs. We can also assist our commercial clients in developing hardening and configuration guidelines that meet business needs. Finally, our staff will work closely with the CSO and/or act as the CSO and develop a 1-5 year strategic program plan to ensure that the organization has a plan in place to address its complex and ever-changing information security needs.
- Support Incident Response - Our staff have the experience to assist our banking clients in developing policies and procedures that help build a strong, organization-wide incident response team. As part of this process, our staff will assist the bank in establishing a strong working relationship with internal investigative teams, other incident response teams and outside investigative agencies. Our staff can develop an incident tracking database as well as a detailed IT incident response form that will be completed as part of every incident investigation.
- Network and/or Application Vulnerability Assessment - Our staff will conduct a network and/or application vulnerability assessment. We will take into consideration any regulatory requirements when conducting an assessment. This assessment, however, cannot take the place of the CISP assessment, as there are very specific requirements that must be completed by a certified CISP assessment company.
- Security Architecture Assessment and Implementation Support - Our staff can assist our banking clients in determining what security architecture requirements are in place and/or needed, and can then assist in evaluating, selecting and implementing additional information security controls. Our staff is vendor neutral and will therefore provide recommendations that are specific to your needs and requirements.
In addition, our staff can provide Business Continuity Management support services. Please contact pf | Pulliam for further information by calling 301-535-5824 or sending e-mail to info@pf-pulliam.com.