CastleGarde will perform a subset of the Internal Vulnerability Assessment (IVA), Physical Security Assessment (PSA), and Robbery Risk Assessment (RRA). Branch Controls Assessments will be provided at each location specified within the contractual agreement. Controls under review in the Branch Controls Assessment (BCA) are administrative controls; physical controls to include doors, windows, access controls, roof access, etc.; alarm system; surveillance system; server room or network equipment closet; records room or records vault; media storage and destruction; and workstation sampling activities. Other activities of a Branch Controls Assessment may include, but are not limited to, social engineering attempts, vulnerability testing, review, and observation of controls employed at the branch location. These activities are conducted to ensure that the individual branch practices, policies, and procedures comply with the credit union’s overall information security program and to ensure consistency throughout credit union offices.
All findings or observations are reported in a professional report along with specific recommendations to strengthen the overall security of the branch location. The Branch Controls Assessment Report is normally provided and included as a unique and separate report offering.