News & Press Releases
Nov 25, 2009—News from the Field
Niki Neese, VP Account Management
Welcome to the fourth edition of the 2009 Safe Systems Newsletter!
As I have discussed earlier, we have incorporated a compliance topic to the Quarterly System Review that we perform with your financial institution. The main objective of adding the compliance topic is to present you with information on the latest compliance trends that we see throughout our customer base.
For the fourth quarter of '09, our strategic focus will be defining certain risks that are part of your risk assessment program. Over the past year, we have seen a significant increase in the amount of focus given to institutions' risk assessments and the importance of properly addressing each category. When you implement new technology, it is critical that you perform a risk assessment on each functional area that the technology may impact. As part of your IT or Steering Committee meetings, your institution should do the following:
1. Identify Risk
2. Measure Risk
3. Monitor Risk
4. Control Risk
Management is ultimately responsible for the implementation, integrity, and maintenance of risk management systems. Therefore it is imperative that the board of directors is adequately informed about risk-taking activities. The problem that we have seen among our clients is that they assess the risk after the technology has been implemented. It is important that you begin the risk assessment process when you begin discussions of adding new technology or services to your institution. Our goal this quarter is to provide your institution with our insight and guidance on certain types of risks and their respective definitions. Often times we see institutions struggle with understanding the actual definition and how it specifically relates to their institution.
Below are four broad risk categories that will be a part of our compliance checklist this quarter.
1. Operational and Transactional Risk - the risk of loss to earnings or capital resulting from inadequate or failed internal processes, people and systems, or from external events.
2. Regulatory and Compliance Risk - the current and prospective risk to earnings or capital arising from violations of, or nonconformance with, laws, rules, regulations, prescribed practices, internal policies, and procedures, or ethical standards.
3. Strategic Risk - the current and prospective impact on earnings or capital arising from adverse business decisions, improper implementation of decisions, or lack of responsiveness to industry changes.
4. Reputation Risk - the risk that negative publicity regarding an institution's business practices will lead to a loss of revenue through client attrition or the inability of the institution to generate new customers.
Per the FFIEC IT Examination Handbook, Information Security Booklet:
A strong security program reduces levels of reputation, operational, legal, and strategic risk by limiting the institution's vulnerability to intrusion attempts and maintaining customer confidence and trust in the institution. Security concerns can quickly erode customer confidence and potentially decrease the adoption rate and rate of return on investment for strategically important products or services. Examiners and risk managers should incorporate security issues into their risk assessment process for each risk category.
We suggest that you review your risk assessment on a quarterly basis and address any changes or future implementations that your institution might be evaluating. The existence of risk is not necessarily a problem; even the existence of high risk in any area is not necessarily a concern, so long as the institution's management effectively manages that level of risk.
Again, we welcome your suggestions on topics that you would like for us to consider in the upcoming quarterly newsletters. Please email us at info@safesystems.com with your comments and suggestions. We thank you for your support and participation.
For media inquiries, please contact:
Marketing Department
770.752.0550
info@safesystems.com
All News & Press Releases:
- Nov 26, 2009 – Safe Systems, leading provider of IT and compliance services for financial institutions is awarded two prestigious awards; MSP Overall Best in Class and Best Places to Work
- Nov 25, 2009 – Hosted Solutions
- Nov 25, 2009 – A Virtual Revolution for Aging Servers
- Nov 25, 2009 – Back to the Future
- Nov 25, 2009 – News from the Field
- Nov 25, 2009 – RTO & ROI - The Business Case for Disaster Recovery
- Nov 25, 2009 – NetComply Reporting
- Nov 25, 2009 – Company Announcements
- Aug 14, 2009 – Company Announcements
- Aug 14, 2009 – How Can I Optimize my NetComply Remote Control?
- Aug 14, 2009 – Vendor Management: Policy, Monitoring, and Training
- Aug 14, 2009 – Vendor Management - BITS & Pieces
- Aug 14, 2009 – Vendor Roles and Relationships
- Aug 13, 2009 – News from the Field
- Jul 7, 2009 – Safe Systems Acquiring Division of Total Data Services - Strategic Enhancement for Safe Systems to Further Strengthen Expertise and Service Delivery of IT Solutions to Financial Institutions
- Jul 6, 2009 – Safe Systems National NetComply Users Conference March 22-24, 2010
- Jun 11, 2009 – Strong Business Strategies for a Weak Economy
- Jun 11, 2009 – Jimmy Gets an Assistant
- Jun 11, 2009 – Using AVG
- Jun 11, 2009 – Account Management News
- Jun 11, 2009 – Policies, Procedures, and Practices...in a Perfect World
- Jun 11, 2009 – Educating Your Customers
- Jun 11, 2009 – Announcing Charleston, South Carolina Training Classes
- Jun 11, 2009 – Company Announcements
- Mar 6, 2009 – Safe Systems is pleased to welcome back Mark Clemens
- Feb 24, 2009 – Change Management for the Well Intended Admin
- Feb 24, 2009 – What is a SAN?
- Feb 24, 2009 – Account Management News
- Feb 24, 2009 – Documentation - The Missing Link
- Feb 24, 2009 – Information Security Policies: Keeping an Honest Employee Honest
- Feb 24, 2009 – Why Does My NetComply Patch Score Change So Frequently?
- Feb 24, 2009 – Upcoming Training Opportunities
- Feb 24, 2009 – Company Announcements
- Dec 5, 2008 – Safe Systems Set to Host First Users Group Meetings
- Aug 28, 2008 – Business Continuity Planning Seminar
- Aug 27, 2008 – Emerging Technology Series - Server Virtualization
- Aug 27, 2008 – Safe Systems Introduces Managed Backup/Vaulting
- Aug 27, 2008 – The ID Theft (Red Flag) Rules
- Aug 27, 2008 – Account Management: More than Just a Quarterly Review
- Aug 27, 2008 – Ask Jay
- Aug 27, 2008 – Social Engineering Calls: Paranoia or a Healthy Respect of the Dangers?
- Jun 25, 2008 – Business Continuity Planning Seminar
- May 6, 2008 – Emerging Technology Series - Data Vaulting/Online Backup
- May 6, 2008 – Downtime Tolerance
- May 6, 2008 – Vendor Management
- May 6, 2008 – FFIEC Business Continuity Planning and Examination Handbook, March 2008
- May 6, 2008 – In Case of Emergency:.Do Your Employees Know What to do?
- May 6, 2008 – Announcing Savannah, Georgia Training Classes
- May 6, 2008 – Company Announcements
- Feb 27, 2008 – Letter From the President
- Feb 27, 2008 – Windows Mobile vs. Blackberry: A Lesson in TCO
- Feb 27, 2008 – Symantec Endpoint Protection
- Feb 27, 2008 – Customer Data - The Newest Hot Commodity
- Feb 27, 2008 – Strengthen Your Core
- Feb 27, 2008 – A Few Simple Rules and Policies
- Feb 27, 2008 – Ask Jay
- Feb 27, 2008 – Company Announcements
- Nov 1, 2007 – Endpoints: They Are Out There and Unsecured
- Nov 1, 2007 – Emerging Technology Series - Windows Vista
- Nov 1, 2007 – A Christmas Story
- Nov 1, 2007 – Lower Cost Through Education
- Nov 1, 2007 – Education Services - Vista Training Side Note
- Nov 1, 2007 – Ask Jay
- Nov 1, 2007 – A Lighter Approach to Technology and You
- Nov 1, 2007 – Company Announcements
- Aug 6, 2007 – Budget Season - The Hunt Is On
- Aug 6, 2007 – Emerging Technology Series - Remote Access
- Aug 6, 2007 – What's In a Title?
- Aug 6, 2007 – Ask Jay
- Aug 6, 2007 – FFIEC Information Security Booklet*: Activity Security Monitoring versus Condition Security Monitoring - Which is More Important?
- Aug 6, 2007 – Education Services Announces New Exchange 2007 Class and Webinar
- Aug 6, 2007 – Company Announcements
- Jul 11, 2007 – Safe Systems, Inc. Announces New President
- May 25, 2007 – SAFE SYSTEMS' ADVISORY COUNCIL MEETING A HUGE SUCCESS
- May 11, 2007 – Emerging Technology Series - Citrix Server Information
- May 11, 2007 – Phishing and SPAM
- May 11, 2007 – Ask Jay
- May 11, 2007 – Email and Data Retention Policies - Time to Take a New Approach
- May 11, 2007 – Announcing Savannah, Georgia Training Classes
- May 11, 2007 – Company Announcements
- Feb 27, 2007 – Safe Systems Launches NetGUARD- Managed Service Offering
- Feb 20, 2007 – Safe Systems, Inc. Announces Strong 2006 Results
- Feb 5, 2007 – Emerging Technology Series - Voice Over IP Telephony
- Feb 5, 2007 – Exchange 2007: High Availability with Instant Real-Time Failover
- Feb 5, 2007 – Record Retention Policies - Time to Take a New Approach
- Feb 5, 2007 – Ask Jay
- Dec 1, 2006 – Homeland Security Warns of Cyber-Terrorism Threat
- Nov 30, 2006 – Image-Based Spam Alert
- Nov 6, 2006 – Windows 2007 - Microsoft Releases L.O.V.E.
- Nov 6, 2006 – Emerging Technology Series - Wireless Networking
- Nov 6, 2006 – What is a MSP, and Why Do I Need One?
- Nov 6, 2006 – Implementing WIFI - Is it Worth the Risks?
- Nov 6, 2006 – Ask Jay
- Nov 6, 2006 – Online Security Awareness Training
- Nov 6, 2006 – Education Services Announces North Carolina Classes
- Nov 6, 2006 – December Webinars: Systems Administrator Year in Review
- Nov 6, 2006 – IT Regulatory Compliance Webinar Rebroadcasts
- Nov 6, 2006 – Company Announcements
- Oct 5, 2006 – Jack Henry's National User Group Conference and Technology Showcase
- Aug 23, 2006 – FIL-77-2006: Authentication in an Internet Banking Environment
- Aug 7, 2006 – Company Announcements
- Aug 7, 2006 – Ask Jay
- Aug 7, 2006 – Disaster Recovery Planning: A Proactive Versus Reactive Approach
- Aug 7, 2006 – Introduction of the Emerging Technology Series
- Aug 7, 2006 – Smart Phones featuring Windows Mobile 5.0: Synchronized Outlook on Your Cell Phone
- May 4, 2006 – Internal Email and the Risks that Come with It
- May 4, 2006 – Education Services announces Savannah, Georgia Training Classes
- May 4, 2006 – Company Announcements
- May 4, 2006 – Is Your Institution Prepared to Respond to an Information Security Breach?
- May 4, 2006 – Giving Home Users VPN Access
- Mar 31, 2006 – Letter from the President
- Mar 31, 2006 – Employment Separation Process for IT
- Mar 31, 2006 – Security Breaches: Not Just a Technology Problem
- Jan 23, 2001 – Antivirus 2009 Spyware
Is Your Financial Institution's Data Backup System Really Working?
Are you confident you have an effective and compliant disaster recovery plan?
Client Testimonials
“I appreciate all that Safe Systems does to keep us in compliance with the FDIC and regulators. The examiner could tell that we have worked hard on getting the IT area to where it is today. Safe Systems Managed Services made it much easier.”
Dawn Kelley
The Commercial Bank
“Safe Systems Managed Services offers a vast array of options to help us maximize our IT staff’s time, productivity, and budget in a way that is completely scalable to meet our specific needs as we grow and change.”
Leesa Anderson
State Bank of Cochran
“The focus on financial institutions has allowed Safe Systems to gain invaluable experience that we can tap into and learn from as we change to grow our network infrastructure to meet the needs of the bank.”
Leesa Anderson
State Bank of Cochran
“Safe Systems Managed Service is the BEST thing since sliced bread!!! GREAT JOB!!”
Glenda Miller
Williamsburg First National Bank
“Safe Systems has the BEST support team …everyone is full of personality and they each have their own way of making you feel IMPORTANT!!”
Kathy Godwin
Williamsburg First National Bank
“It’s easy to talk positively about my experience with Safe Systems. EVERYONE I’ve talked to has been overwhelmingly helpful. Thanks for providing top-notch service, and always doing so in a friendly manner.”
Mathew Tomlinson
Flint Community Bank
“The expertise that Safe Systems provided during the implementation of the Bank and on the ongoing assistance they give has enabled HNB to score very well on all of our regulatory and internal audit IT examinations.”
Michael Carleton
Herald National Bank, NYC
“With Safe Systems Managed Services, patching my servers and workstations is automated, I get daily reports and my servers and workstations stay patched with the latest Microsoft Updates. Which is great for audit time!”
Robert Gay
The Bank of Bonifay
“I wanted to let you know we just completed an IT audit, and the auditors were very complementary of and impressed with your NetComply product. This was the first time they had seen it in action.”
David Reynolds
InsBank
“We always receive exemplary customer service from Safe Systems. The entire group of engineers have always provided superior courteous service. This encompasses minor problems to the complex. I believe we receive an excellent value for the dollars we spend with your company.”
Charles Knight
United Americas Bank
“I could not ask for a better company to put my trust in when maintaining my network. As a Platinum customer, I don't worry about anything because I know I have knowledge, experience and professionalism standing behind me with the Safe Systems staff. Wouldn't go anywhere else!”
Nicole Rinehart
American Pride Bank
