Information Security Program Development and Support

Information Security Program Development and Support


Information Security Program Review & Assessment

CastleGarde conducts a review of the credit union’s existing information security policies and procedures to assess their comprehensiveness, identify specific weaknesses, and evaluate their compliance with information security rules, guidelines, and federal regulations including NCUA’s 12 CFR Part 748 Appendix A and Appendix B. A report is produced that summarizes the findings and makes recommendations for improving the credit union’s information security program.

Information Security Policy

The information security policy is a Board-approved, concise, high-level document which incorporates all elements of NCUA’s Part 748 requirements and provides guidance to management in the creation and implementation of a written information security program.

Information Security Standards & Procedures

The information security standards & procedures is a comprehensive document which details the standards and procedures required for the credit union to comply with the specific elements outlined in the information security policy including cybersecurity. It is intended for use by credit union executives, managers, supervisors, and information technology personnel.

Information Security User Guidelines

The information security user guidelines document is a subset of the information security standards & procedures. It contains only those standards and procedures that apply to most employees, including the basic requirements which must be followed by all employees to ensure information security compliance at the credit union. This document should be available to all employees.

Information Security Training

Online web-based training (24/7 unlimited use).