TruPoint Partners' IT Risk Check software was developed to provide a step-by-step guide to compliance with the Gramm-Leach-Bliley Act (GLBA). The software follows the dictates of the FFIEC guidelines for internal IT audit, risk and physical assessment and helps insure that you are doing all that is necessary to safeguard your customer information.

• Guided internal IT audit program that consolidates the FFIEC IT Handbooks to save you time!
• Document your IT and Physical Risk Assessment as mandated by GLBA - we will guide you through all of the steps.
• Document your compliance with GLBA 501(b) and vendor management programs.
• Will identify areas of weaknesses in your information security program policies, controls, testing, etc. - providing you the direction you need to implement a solid technology plan to protect your bank's assets.
• Easy to use database application with over 20 examiner and board friendly reports.

IT Risk Check is a specialized software tool that makes the IT risk assessment and Gramm-Leach-Bliley (GLBA) 501(b) compliance review more manageable, far less time intensive, and much more affordable than an external IT review. IT Risk Check helps you assess how secure your bank is from unauthorized access to customer information. IT Risk Check was developed by bankers, who understand how banks run and how bankers work.

To truly satisfy regulators, you will want to be able to explain your bank's safeguards and controls to minimize vulnerabilities that could exploit threats identified for your various IT systems. The IT Risk Check software is a logical, step-by-step tool kit that will enable you to better understand the current state of your information security. Better understanding leads to more effective risk management in the future. This process of review and remediation is what the regulators will be looking for when they conduct your next IT and information security exam.

GLBA 501(b) mandates that financial institutions annually update and assess their information security program and overall compliance with the act, which includes conducting an IT risk assessment. IT Risk Check streamlines the compliance process with step-by-step guidelines that takes the guesswork out of preparing and performing a complete review. The software incorporates guidance from primarily the FFIEC Information Security Handbook and the National Institute of Standards and Technology (NIST) as well as the other FFIEC IT Handbooks and Guidance.

IT Risk Check is an easy to use Windows application that is organized and easy to use - no training is required. A few highlights include:

• Module 1 Getting Started Checklist: A twenty two (22) point checklist of resources needed to complete the review.
• Module 2 Information Systems Review: An eight (8) section module for reviewing information systems management, application and vendor management, data and physical security, disaster recovery and business continuity, electronic funds transfer, electronic banking activities, networking-PC's-firewalls, and operational controls. This module consolidates much of the 12 FFIEC IT Handbooks.
• Module 3 Information Security Risk Assessment: An application that will guide you through a complete eight (8) step methodology for completing an IT risk assessment on each of your IT systems in your bank. In addition, this module contains an application for completing a physical environment risk assessment and an application for organizing your various banking applications into a single repository.
• Module 4 Getting Started Checklist: The final application in the program will guide you through a GLBA 501(b) review of the four (4) key sections of the act. They include your bank's written information security program, risk assessment process, oversight of service providers, and program adjustment process.

IT Risk Check will save you money and enable you to take complete control of the process, in addition to eliminating the need for an external review. Included with the software are free updates and unlimited suppport. As with all TruPoint solutions, your satisfaction is 100% guaranteed. If you are dissatisfied for any reason, TruPoint will return your money no questions asked.