H.M. Payson sought a broad based assessment of their overall security position. From policies, to plans, and even physical security wanted an independent assessment of their current security infrastructure along with identification of any areas for improvement.
NCG leveraged proprietary security risk assessment model to assess H.M. Payson’s internal and external in addition to third-party outsourced systems. NCG’s security model has specific components specifically geared towards financial institutions—internal systems as well as outsourced partners. It takes specific note of regulatory provisions including SOX, HIPAA, and PCI compliance as part of the assessment. NCG assessed H.M. Payson’s internal, external, and third-party outsource infrastructure, security policies, configurations, architecture, and performed scans across each platform. Detailed reviews of configuration management, IT policies and procedures, HR policies, physical security policies and entry point configurations were conducted as well. NCG audited and assessed seventeen essential areas based on BS ISO/IEC17799, PCI, FISMA, and ITIL:
NCG provided H.M. Payson with a broad yet detailed view of security across their organization including connections points with external partners. Areas of improvement were identified and specific action steps were provided.