Btech is the market leader in providing affordable managed IT security services for credit unions throughout the United States
Within the NCUA Rules and Regulations, the NCUA requires the credit unions take the following steps in the Oversee Service Provider Arrangements section of part 748: “Exercise appropriate due diligence in selecting its service providers; Require its service providers by contract to implement appropriate measures designed to meet the objectives of these guidelines; and where indicated by the credit union’s risk assessment, monitor its service providers to confirm that they satisfied their obligations…”
The National Credit Union Administration (NCUA) was created to “provide, through regulation and supervision, a safe and sound credit union system.” The NCUA discusses the significance and delicacy of outsourcing Information Systems and Technology functions in their Examiner’s Guide.
“Outsourcing can help manage costs, provide expertise, and expand and improve services offered…” The NCUA also reminds credit unions that there should be “an oversight program to monitor each service provider’s operations and controls, financial condition and performance standards.”
The Federal Financial Institutions Examination Council (FFIEC) is a council created to prescribe uniform principles, standards and reports forms in order to promote uniformity in the supervision of financial institutions.
When it comes to outsourcing operations, the FFIEC recommends that financial institutions ensure that the service provider utilized “implement(s) and maintain(s) controls sufficient to appropriately mitigate risks… the institution may prescribe the use of standardized reports, such as an AICPA Statement of Standards for Attestation Engagement report” (SSAE).
As far back as 2000, the NCUA has recognized that the FFIEC’s guidance when outsourcing technology services must be taken to heart. In this NCUA Letter to Credit Unions, credit unions are urged to “implement an oversight program to monitor each service provider’s controls, condition, and performance.”
In 2007, the NCUA released this Letter to Credit Unions in which they warn that “inadequately managed and controlled third party relationships can result in unanticipated costs, legal disputes, and financial loss…”
The Statements on Standards for Attestation Engagements (SSAE) No. 16 SOC 2: AICPA Guide Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy was designed to fully address how secure your service providers are. Meeting the strict controls set forth in order to achieve SSAE compliance is the best way to ensure that your vendors are treating your organization’s information in a secure manner that will satisfy the NCUA and FFIEC requirements.
Unresolved Audit Findings? Btech Will Work Closely With You To Implement Strategic Solutions To Protect Your Credit Union and To Meet Regulatory Requirements.
Btech Has Completed The Necessary Steps In Order To Meet The Compliance Requirements Put Forth By The AICPA
Some of our recent blog posts
If you happened to catch the recent article in the Credit Union Times, “Securing Email is Idea to Bank On,” you might be feeling a bit nervous about the security of your current email system. “These are dangerous times for electronic communications,” states Coutts. Btech recognizes email as one of the greatest security threats to […]
Read MoreNACFU’s Warning About DDoS Attacks Dan Berger, the Executive VP of Government Affairs at the NAFCU, is speaking out to advise credit unions to take the proper measures to protect their members. “Burden of proof for lack of fault in data breaches should lie on retailers,” suggests Berger. Your members are trusting that you will “make […]
Read MoreThe June 7th deadline for the DFI’s 2013 IT Systems Survey is rapidly approaching. Whether you’re just now taking a look at it or you’ve been mulling over it for weeks, surely it has brought about many questions and concerns. Btech has already been flooded with questions surrounding this survey and we want you to know […]
Read MoreTalk to us today and we’ll help you identify the security solutions that are right for your credit union.
Btech is the market leader in providing affordable managed IT security services for credit unions throughout the United States
©2020 Btech – Credit Union Security Services, Network Monitoring and Management, VMware, SAN, Infrastructure 2015
Privacy Policy | Accessibility Policy | Design by Creative 7 Designs, Inc.
