Skip to main content
Loading
Sign In
Create Account
Cart
Group Insurance
Contact Us
Toggle search
Toggle navigation
Keyword Search
The Association
Toggle
Board of Directors
Councils and Committees
Bank Directory
Pioneer Banker Club
MBA Training Room Rental
Contact Us
>> Directions/MBA Staff
>> Legal Department Inquiries
Education
Toggle
MBA Education Event List
Conference Websites
>> Operations/Technology Conference
>> Bank Leaders of Tomorrow Conference
>> Women in Banking Conference
Leadership Development Academy
Online/Webinars/Videos
>> MBA Videos/Webinars
>> Graduate School of Banking-WI
>> Webinars from OnCourse Learning
>> Associate Member Free Programs
>> Directors Education Series
Schools
American Bankers Association
>> Facilitated Online Courses
>> Self-Paced Online Courses
>> Certificates
>> Textbooks
Career Paths
MBA/SBS Certification
Legal and Compliance
Toggle
Legal and Compliance Resources
>> Legal Department Inquiries
>> Legal Compliance Bulletins
>> Regulatory Watch Bulletins
>> Manuals
>> Regional Compliance Meetings
>> Compliance Calendar
>> Minnesota CaseWatch
>> Legal Q&A
>> Compliance Consulting
>> Compliance Query
>> Security Resources
>> Compliance Companions
>> Legal/Financial Links
Advocacy
Toggle
>> Overview
>> Legislative Summary
>> Grassroots Action Center
>> Political Insight Bulletins
>> VoterVoice
>> Regulatory Feedback Initiative
HR
Toggle
Career Corner
>> Find a Job
>> Placing an Ad
>> Bankers on the Move
>> Career Paths
>> BeABanker.com
HR Resources
>> Compensation Survey
>> Holiday Survey
>> Sample Job Descriptions
>> Recruiting Resources
>> IAmABanker.com
Online Store
Resource Center
Toggle
Publications
>> MBA News Magazine
>> Legal Compliance Bulletins
>> Regulatory Watch Bulletins
>> Political Insight Bulletins
>> Legislative Summary
>> Annual Report
>> eNewsletters
>> Media/Press Links
>> Special Notices
Products and Services
>> Compensation Survey
>> Thumbprint Signature Program
>> Security Resources
>> Senior Fraud Videos
>> Endorsed Products and Services
>>MBA Training Room Rental
>> IT Consulting
>> Compliance Consulting
>> TRAC
>> Legal Manuals
Community Stories
>> Community Champion Recognition
>> Community Stories
>> Community Impact Month
Other Resources
>> Financial Literacy
>> Heart Safe Communities
>> FDIC
>> COVID-19 Updates and Resources
Vendor Relationships
Toggle
Associate Member Directory
Endorsed Vendors
Marketing/Sales Partners
Resources
>> Membership Application
>> Advertising Kit
>> Exhibit and Sponsorship Opportunities
Skip breadcrumb navigation
Why Use TRAC
™
?
The Situation:
The Gramm-Leach-Bliley Act (GLBA) requires all financial institutions to develop and implement a comprehensive, written Information Security Program (ISP) which defines administrative, technical and physical safeguards designed to protect the confidentiality of customers' nonpublic financial information that is held in the institution's possession. The program must be a written plan that identifies risks, the impact and probability of those risks and implemented controls designed to ensure the security and confidentiality of information as well as the proper disposal of such information.
The Problem:
There is
little guidance
available about the IT risk assessment process. Regulators are requiring financial institutions to complete a risk assessment or have determined that the current risk assessment is not adequate. How does a bank comply with the Gramm-Leach-Bliley Act and rectify regulator findings?
The approach is based on
manual input
into Word and Excel documents. How can the assessment be conducted with less effort and error?
The process is
time consuming
. Developing and maintaining all these documents, researching new IT concerns and new policy implementation can take a lot of time. How can this process become more efficient, while maintaining its effectiveness?
This is
costly
. Resources are needed to develop, maintain and implement an ISP.
In the end, it still
does not drive
the ISP. The risk assessment should be the driving force behind the financial institutions IT decisions, including the audit and disaster recovery programs.
After all this, you still ask
"Do I have it right?"
Do the Board and management understand the program and communicate its objectives to the employees and regulators of the financial institution?
The Solution:
Effective, efficient, and with a whole lot less effort, TRAC™ is the answer to a bank’s risk assessment problems. With a completely redesigned methodology, risk assessment is driven by the ISP and adds value to your community bank.
The report (at right) is the output of TRAC's™ automated risk assessment process. This is a great board or management report because the bank’s assets are sorted by residual risk all on one document.
Management can develop plans to reduce risk on assets with a residual risk above a certain level or color. A bank’s management drives this program. For example, an auditing program can be developed as follows: assets with a dark blue protection profile will be audited on a 72 month rotation, medium blue in 24 months and light blue in 36 months. Management is now driving the audit program from the risk assessment. Strategic decisions can be made based on the risk assessment.
{1}
##LOC[OK]##
{1}
##LOC[OK]##
##LOC[Cancel]##
{1}
##LOC[OK]##
##LOC[Cancel]##