Information Security Program Assessment

Financial institutions are coming under increased pressure from customers and regulators to defend the customer data in their possession against a security breach. Under the GLBA Information Security Act, financial institutions are required to have a written Information Security Program that is effective for use in managing and executing Information Security Risk Assessments.

How comfortable are you that your organization’s Information Security Program will adequately protect your institution and its customers in the event of a security incident?

Enter Cornerstone Advisors. A Cornerstone Information Security Program Assessment provides your organization with insight as to the overall effectiveness of its Information Security Program.

The Benefits to You

Cornerstone reviews and improves your Information Security Program and develops a best practice Risk Assessment that your organization can execute for years to come.

We do this through these steps:

  • Analyze your organization's information security program from the top down, looking at the program in its entirety
  • Compare your information security program against the standards as set forth by the Federal Financial Information Examination Council
  • Perform a gap analysis between the information security program currently in place and industry best practices (and FFIEC regulations)
  • Present our findings and recommendations to the management team responsible for information security at your organization
  • We can also assist your organization in implementing the recommendations. We supply templates of policies that we have seen used successfully at financial institutions of comparable size and complexity and a comprehensive list of those areas of concern we see in your current program.

The Cornerstone Differentiation

While many consultants can provide expertise in information security best practices, Cornerstone combines its experience in these areas with an extensive knowledge of FFIEC regulations. This enables Cornerstone to identify, among the myriad items that can be identified during an information security assessment, those gaps that your regulators care about. Cornerstone can train your people and leave you with the tools to perform subsequent annual information security assessments on your own.

We’ve Done this Before

Here is an example of work we’ve performed in this area:

  • Agricultural lender ($749 million) – Information Security Risk Assessment