Information Security and Compliance
Solution Programs are our only business
CastleGarde understands the constant evolution of regulations and the ever changing dynamics of technology. Staying current with these changes is a time consuming and often frustrating exercise for credit unions.
Our reputation in the credit union industry is built based on being subject matter experts in the area of regulatory compliance, focused on NCUA Regulations 12 CFR 748 Part A and B. Whether it be NCUA Regulation 748, Gramm-Leach-Bliley, Sarbanes Oxley, Bank Secrecy Act, Identity Theft Red Flags (12 CFR Part 717.90), e-commerce, or any of the regulatory requirements facing credit unions today, CastleGarde provides solutions that keep your credit union up-to-date and compliant.
Founded in 1996, CastleGarde has provided regulatory-based compliance solutions to hundreds of credit unions nationally and internationally. Our core services are focused on two primary areas; providing Information Security Policy and Procedures - specifically in the area of protecting Sensitive Member Information (SMI) - and providing Enterprise Wide Information Security Risk Assessments consisting of Internal and External Vulnerability Assessments performed in tandem with a Physical Security Assessment.
Each of the aforementioned requirements have both policy and technology impact on your credit union. FFIEC, COBIT, ISO, NCUA, NIST and PCI all have extensive lists defining over 1700 unique areas, checks, tests and controls in their respective checklists. CastleGarde’s Risk Assessments currently address over 1600 of those specific controls. The assessments are performed by staff with extensive credit union experience and industry recognized certifications such as CISSP, CISA, CISM and CEH, utilizing cutting edge tools and technology. What differentiates CastleGarde? The human factor. Our expert staff drives the technology, personally performs and reviews all of the assessments and resultant reports, interfacing with your staff on a personal level with respect to the findings. We are your Information Security Consultants.