Through the Financial Institution Shared Assessments Program, financial services organizations can review and test a service provider's security controls, including people, processes and procedures. The program is based on two documents: a standardized questionnaire and the Agreed Upon Procedures (AUP). The questionnaire, which has become an industry-standard, provides financial institutions with a high-level overview of their security controls, while the AUP offers a more granular report on specific controls.
"BITS' mission is to work to improve security, reduce fraud and manage risk in the financial services industry," said William A. Osborn, Northern Trust Corporation Chairman and CEO and BITS Chairman. "By joining the Shared Assessments Program Working Group and licensing its standards, Cybertrust demonstrates a keen commitment to enhancing security and mitigating risk. We look forward to Cybertrust playing a key role in shaping the program."
As an assessment firm member, Cybertrust joins a group of top financial services companies, service providers and assessment firms that together are crafting IT security standards, developing efficiencies and cost savings and enhancing security in the industry. Participation in the Working Group also provides a forum for Cybertrust to engage financial services thought leaders around critical IT, security and compliance challenges in the industry.
As a software solution provider licensee, Cybertrust will incorporate the questionnaire and AUP into its Partner Security Program, providing current customers and new vendors within the financial services industry with the ability to complete the Shared Assessments Program questionnaire.
"It is imperative for financial institutions to monitor and manage their security controls closely," said Kerry Bailey, Cybertrust senior vice president of global services. "The Financial Institution Shared Assessments Program empowers them to do just that, and in a way that delivers cost savings for both financial institutions and vendors. As a member of the Financial Institution Shared Assessments Program, Cybertrust is pleased to continue to raise the bar on security in the financial services industry."