IT Risk Management

Regulators continuously remind us that cyber risk and cyber security is one of the main risks to institutions today. Very large institutions have the resources to constantly combat cyber threats. Smaller institutions generally don’t have this level of bandwidth. Hackers are aware of this and are shifting their focus accordingly. Our IT team is staffed with some of the top experts in the industry. We go beyond just checking boxes and testing open ports. We identify and find solutions to mitigate real-life threats that may impact your institution.

Our IT Risk Management Successes

Verittas assisted a federally regulated bank to assess its IT security and identified serious security issues throughout the bank. Through a combination of weak levels of user security awareness training and poor laptop configuration, a bank employee with a laptop inserted a malicious USB thumb-drive file, causing complete laptop compromise, which our ethical hacker used to obtain complete network compromise, including LOS application, customer data breach, and a gateway into other bank systems in a federally insured bank.

IT Risk Assessment and Audit Services

Verittas is your one-stop for all of your IT risk management needs: from security risk and vulnerability assessments to IT general controls audits, Verittas has the know-how and the experience to determine the shortcomings of your IT security—and provide you with a game plan for moving your business forward.

Specific Listing of IT Risk Assessment and Audit Services:

  • Cyber Security Risk Assessments
    Identify the cybersecurity risks that face your organization and the assets that could be affected by cyber threats.
  • IT General Controls Audit
    Verittas has performed audits of IT controls for a multitude of clients with assets ranging from less than $100 million to over $4.5 billion.
  • Vulnerability Assessments
    Provide an organization direction on which machines are the most vulnerable, by scanning a network for known vulnerabilities which may grant an attacker unauthorized access, so that they can be patched or addressed.

IT Planning and Policy Development Services

Having identified threats and deficiencies hampering your organization’s IT capabilities, Verittas is here to work with you to chart a path forward for your business.

  • Business Continuity Plan and Disaster Plan Development
  • Information Security Policy Development
  • Network Infrastructure Analysis
  • User Access Reviews and Group Policy Analysis
  • Ransomware Response and Data Loss Prevention Program
  • Social Engineering and Phishing Education Programs
  • Threat Intelligence Program Development
  • Cloud Service and SaaS Risk Management