Why?

With the ever-evolving cybersecurity threat landscape, an IVA is a key component of a robust risk management program and information security program testing requirements. An IVA assists management with understanding the effectiveness of cybersecurity practices and controls from internal threats by identifying, quantifying, and prioritizing vulnerabilities.

How?

Your Aptum consultant will work with your team to perform a comprehensive IVA. A reputable commercial solution will be used to perform the IVA onsite or remotely.

Objectives

The objectives will focus on the following:

• Internally network connected devices
• Determination of the effectiveness of cybersecurity practices and controls from internal threats
• Identification, quantification, and prioritization of identified vulnerabilities

Communication

Ongoing communications will occur from planning, throughout the test, and after the report has been delivered. All results will be discussed with the appropriate management members at the conclusion of the test. A detailed report identifying, quantifying, and ranking the results along with an easily understandable summary of the results and risk reduction recommendations will be provided.

Partnership

Aptum is based on and committed to a true partnership where we believe that when you succeed, we succeed. This means we value and provide the same level of service to all clients regardless of size, services provided, and potential for additional services. We are committed to delivering exceptional quality and service to assist with your continued success. As such, we assure that all aspects of your service will be performed by experienced, certified professionals located in the United States.

Other Risk Management Services

An ongoing comprehensive and effective risk-based IT Audit program is not only a financial institution regulatory requirement, but also an essential component of a successful risk management strategy.

Learn more

With the ever-evolving cybersecurity threat landscape, a PVA is critical to a robust risk management program and information security program test requirements. A PVA assists management with understanding the effectiveness of cybersecurity practices and controls from external threats by identifying, quantifying, and prioritizing vulnerabilities.

Learn more

Confidentiality of account holder information is a critical function of your organization. Threats to the security of such information come in many forms. As organizations continue to evolve the methods in which they communicate with account holders, the policies, procedures, and controls of these methods need to be assessed. One such communication method is through online chat communications between your employees and account holders. Therefore, ongoing chat impersonation tests are a key component to a robust risk management strategy and information security program testing requirements.

Learn more

Confidentiality of account holder information is a critical function of your organization. Threats to the security of such information come in many forms. One such threat is through unauthorized requests made through telephone contact with your employees. Therefore, ongoing pretext calling tests are a key component to a robust risk management strategy and information security program testing requirements.

Learn more

Securing your organization not only involves technical security measures but also physical security measures. Unauthorized access to your facilities could compromise sensitive organization and account holder information as well as put at risk electronic compromise through the installation of devices or malicious systems. In addition, unauthorized physical access could result in destruction or inaccessibility of physical devices. Therefore, ongoing tests attempting to gain physical access to your facilities are a key component to a robust risk management strategy and information security program testing requirements.

Learn more

Contact us