A mission-based credit union with 10 branches and nearly $500 million in assets.
While the credit union had a history of clean IT audits, it was seeking support from cybersecurity experts to identify areas for improvement. In addition to simply being compliant, it wanted to ensure its IT security was as strong as possible — and with a small staff, it knew it would need outside help to do that.
Our cybersecurity team conducted multiple audit and penetration tests to identify areas where the credit union’s IT security could be strengthened. The team worked with the credit union to identify potential cybersecurity threats and recommended policies and procedures that would eliminate them before its next regulatory exam. We scheduled remediation testing within six months of the initial audit to confirm that the new procedures were effective and the organization’s security environment was strong.
Our recommendations resulted in several benefits for the credit union, including:
- Improved policies for system access rights and documentation procedures
- A robust vendor management program
- An effective patch management process for third-party applications
- Overall realignment of management structure for IT and information security
After implementing our recommendations, not only did the credit union receive a clean report during our remediation testing, but it improved its security environment and passed the regulatory exam with flying colors. Management continues to work closely with our team, ensuring security remains a key piece of ongoing operations.