We have a long list of investment and financial organizations supportive of our work in this industry. We understand the unique needs of your industry and are competitively positioned to help you. Our consultants apply deep technical understanding to the stringent requirements of audit and control. Peters & Associates believes this to be a competitive advantage over auditors having to learn how the technology works. As a result of our information security work, Peters & Associates has the kind of specialized IT and regulatory experience our clients need to feel comfortable, and to reduce their cost of compliance.
Peters & Associates is proud to offer the
following targeted services to meet the needs of investment and financial
institutions:
- Risk Assessment – a work program based on FFIEC, SANS, and
Peters & Associates best practices for assessing and quantifying
risk. This is intended to fit the budgetary and regulatory needs of small
and mid-sized financial institutions.
- Information Security Testing and Assessment – using a checklist
approach, organizations are able to quantify their security testing
requirements across the enterprise. Often organizations stagger desired
review areas to be comprehensive within budget parameters.
- Disaster Recovery and Business Continuity Planning – a work program for
identifying and closing gaps in the disaster recovery and business continuity
plans of financial institutions. This plan includes risk analysis,
technical plan development, and template-based approaches for testing.
- Employee Security Awareness Training - a work program for educating bank employees about
information security. Topics range from Physical Security to Social
Engineering to Internet and Email Usage. The materials can be used to
direct and conduct future security training efforts.
- Network Technology Assessment - a work program for assessing the operational
efficiency of an organizations network environment. Our recommendations
serve to improve the security, documentation, performance, scalability, and
fault tolerance of the network environment.