Information Security & Regulatory Compliance
Focus Audits provides testing and documentation services through our firewall vulnerability scanning using non-invasive tools to scan your external perimeter and identify risks. We provide documentation that identifies vulnerabilities and details necessary steps to mitigate identified risks.
External Penetration Testing
Focus Audits provides systematic scanning of external assets and our auditors will drill down as far as possible to access your systems. Written documentation identifies vulnerabilities and includes recommendations to fortify your security stance and mitigate risks.
Internal LAN Penetration Testing
Internal penetration testing examines the security of your Local Area Network. Electronic tools and social engineering scenarios are used to evaluate risks and recommendations are provided to fortify your internal security stance.
Interim Information Security Officer
Focus Audits provides information security leadership services designed to assess and benchmark your institution’s information security and network security posture. Our Interim ISO Service is customized and scaled based on the size of your institution. Focus Audits provides a structured approach in measuring security initiatives and our program develops the strategic security direction using internationally recognized information security standards.
GLBA Operational Risk Assesment
Focus Audits utilizes a database containing over several hundred identified risks as they review your institution’s policies, procedures and operational environment. Written documentation and executive reports are prepared for Board of Director approval. Additionally, a detailed report identifying each risk and processes to mitigate risks are delivered.
"Prometheus" Incident Response Program
Focus Audits offers a Unified Security Management solution that offers a cost-effective way for community banks with limited or no security staff to detect and respond to threats in real-time. The Prometheus service offers; Asset Discovery, Vulnerability Assessments, Threat Detection, Behavioral Monitoring, and Security Incident Event Management (SIEM).
Information Security Officer Training
Focus Audits conducts engagements geared toward providing security training for your financial
institution’s Information Security Officer. Not only do we review GLBA and other regulatory mandates, but all regulatory requirements are applied to your institution’s specific security framework. Serving as a mentor, Focus delivers oversight and direction, providing employees with the opportunity to learn and understand their roles and responsibilities.