At Campbell & Associates, Inc., we have a vast knowledge of the issues facing the financial services industry based on our experiences with reviewing various size institutions.
Our experts can help identify the areas of your business where we can optimize your information risk, and offer solutions to manage the information risk for your organization.
As financial institutions are becoming increasingly dependent on more complex computer systems and networks, including the Internet, information risk management and network security have become issues of vital concern to senior management, customers and regulatory agencies.
Campbell & Associates, Inc. can help clients assess, monitor and manage the risks associated with operating critical business information systems, Internet connectivity and networks. Using FFIEC Examination Guidelines, we work to identify and quantify clients’ risks, and then propose specific risk mitigation solutions. We focus on emerging issues such as electronic commerce, Internet connections, wireless technology and other ever-changing technologies and related regulatory requirements. Our Information Technology Services are focused on improving your information risk posture through assurance, consulting and outsourcing services. We concentrate not only on the technical aspects of data processing, but also view data processing applications from the business user’s perspective.
Campbell & Associates, Inc. can identify the information systems controls that are necessary from a user’s viewpoint and specified as required by the Gramm-Leach-Bliley Act and other regulatory guidance, yet still practical and cost beneficial from management’s perspective.
Our formal reports are presented from the user’s perspective in non-technical language.
We perform general control reviews and application testing for both outsourced service bureau relationships as well as in-house systems, which provide business information to hundreds of users on a variety of platforms. Typically, we review general controls over management and implementation of microcomputers, Internet connectivity and usage, information networks, mainframe and microcomputer environments, information security practices, EFT (including wire transfers and ACH processing), and other emerging technologies.