Information Security Risk Assessment Software

The Gramm-Leach-Bliley Act (GLBA) and the Interagency Guidelines Establishing Information Security Standards require financial institutions (banks, savings associations, and credit unions) establish an Information Security Risk Assessment.

Version Tracking

Use version tracking to access data from previous versions of the risk assessment, compare data in the risk assessment over time, and identify trends from year to year.

Framework

Use Tandem's asset risk assessment framework to go step-by-step through the assessment process.

Quantifying the likelihood and potential damage associated with threats is made easy with a simple control calculation tool. Use the information captured to easily report on your risk posture.

Asset Templates

Get started right away by using our risk assessment templates designed for common information security assets.

Begin with our recommended guidance, threats and controls. Then use the framework to tailor each assessment to perfectly reflect your organization.

Downloads

Effortlessly generate consistent and professional documents on the fly to share with your executive team, board of directors, auditors and examiners.

These customizable documents are available in Microsoft Word and Adobe PDF formats.

CoNetrix offers an online risk assessment software solution to help banks and credit unions perform an information security risk assessment, per GLBA, as well as individual information asset risk assessments. We designed our software using guidance from the FFIEC, FDIC, OCC, FRB, NCUA, and CFPB. Our web-based risk assessment software is designed in an easy-to-follow format.

Watch a Demo Request a Quote

Information Security Risk Assessment

The Tandem Information Security Risk Assessment Software includes:

A location management tool to assist in identifying likelihood and potential damage based on physical locations
A threat questionnaire broken into eight sections to assist in quantifying the likelihood and potential damage associated with threats:
- Structure & Responsibility
- Size & Complexity
- General Controls
- Previous Experience
- Natural Disaster/Elemental
- Contracts, Legal, and Regulatory
- Audit & Security Testing
- Security Awareness Training
More than 60 pre-defined "common" threats to financial institutions, including Biological Pandemic, Remote Deposit Capture, Internet Banking System Misuse, and Wireless Emissions Compromised
A confidential information management section to manage data classification and data flow and to document the location of customer information and/or vital records
A threat management section to manage controls, information security and cybersecurity compliance, impact, and guidance associated with identified threats

Information Asset Risk Assessments

Additionally, the Information Asset Risk Assessments portion includes:

Risk assessment framework with control reduction calculation to assist in quantifying the likelihood and potential damage associated with threats
Data type management to manage data classification and to document which assets house various data types
A threat management component to manage controls, compliance, impact, and guidance associated with identified threats
Multiple risk assessment templates for priority assets.
See Asset-based risk assessment templates.

Custom Risk Assessments

Tandem Risk Assessment also includes custom risk assessment templates. Add your own threats and controls or incorporate CoNetrix suggested threats and controls to assist in the creation of various assessments. Custom assessments can be mapped to controls and guidance.

Integrations

For internet banking risk assessments, use Tandem Internet Banking Security Program—which can be purchased separately and integrated with the Tandem Risk Assessment product.

Use the Tandem Policies integration, which allows users to customize a set of more than 50 pre-defined Information Security Policies, already mapped to your Information Security Risk Assessment threats.

Additionally, the asset management tool integrates with Tandem Vendor Management and Tandem Business Continuity Planning products to show connections among assets, vendor services, systems, and software, per the updated FFIEC Information Security Booklet.

Features

The CoNetrix Information Security Risk Assessment software is feature-rich, including:

The ability to document an unlimited number of risk assessments
A storm and crime event statistics report tool
Suggested threats, controls, and risk levels created and updated by security and compliance experts
Downloadable documents in Microsoft Word and/or Adobe PDF formats
New features and updates are automatically included with your annual subscription
Free training workshops to help familiarize you with the software
Integration with other CoNetrix online software
Anywhere/anytime Internet access through a secure, online portal
Multi-factor authentication (optional)
Single Sign On (SSO) integration using SAML 2.0
Multi-user access
No software installation or equipment costs
The ability to manage several companies' risk assessments with one login (requires a subscription for each company)

Professional Services

For professional services, ask your account representative about adding Boost Consulting services.

Ready to Get Started?

Access our video library to see what our products can do for you.

Watch a Demo

Get a quote for the products that fit your immediate needs.

Request a Quote

Work with our team to get up and running with Tandem.

Get Started