Confidentiality, Integrity, & GLBA Compliance
Elevate’s IT Compliance and IT Security Consultants are continuously up-to-date on the guidance from the Federal Financial Institutions Examination Council (FFEIC) and accompanying enforcement agencies (e.g. FDIC, Federal Reserve, FTC, OCC, etc.).
How Elevate Can Assist Your Organization
Ensure your workforce and board of directors are aware of their responsibilities towards compliance.
Elevate’s methodology for the GLBA Risk Assessment is based on a phase approach with the following steps:
- Asset Inventory: Elevate will work with our clients to document the inventories and the classification of assets to ensure mission critical assets are evaluated and classified.
- Threat Analysis: Elevate will work with our clients to determine existing and emerging threats, system vulnerabilities, and existing controls to reduce risks are identified for the information assets in scope. Furthermore, the likelihood of occurrence, severity of impact as well as the risk level will be evaluated.
- Controls/Safeguard Analysis: During this phase Elevate performs the evaluation of controls implemented by our financial services clients to reduce risks to an acceptable level. The sufficiency of implemented controls will be reviewed by Elevate, and it is during this phase that recommendations to mitigate identified remaining risks are developed.
- Reporting and Recommendations: Elevate provide actionable recommendations and the required elements of reporting towards GLBA compliance.