IT Security and Audit Vendor Due Diligence
The categories below are taken from the FFIEC Outsourcing Technology Services Booklet from June 2004. According to the FFIEC, “A financial institution should perform due diligence on the service provider’s response to an RFP as well as the service provider itself. Due diligence should serve as a verification and analysis tool, providing assurance that the service provider meet the institution’s needs.”
The chart below is our way of showing you that TrustCC in consistently performing due diligence.
| Category | TrustCC |
| Existence and Corporate History | Founded 2001, serves approx 150 financial institutions. |
| Qualifications, Reputation Background of Company Principals | Principals have 22 years each in IT and an average of 15 years in IT Security. |
| References | Plentiful in References – details available. |
| Financial Status | Financially sound – details available. |
| Strategy and Reputation | Known as a market leader in the Northwest. |
| Service Delivery Capability | Ample number of staff with an average of 9.75 years experience in IT security and audit. |
| Bank and Credit Union Experience | The only firm in the US to have acted as IT examiners on the behalf of a government agency for financial institutions for a 4 year period. |
| Technology Architecture | State of the art laptops and comprehensive mobile work force technologies. |
| Internal Controls | Security policies, contracts, background checks, technical controls, physical controls. |
| Legal and Regulatory Compliance | No legal actions even threatened, licensed. |
| Insurance Coverage | Specific professional liability coverage for IT audit and security services. |
| Typical Client | Banks and Credit Unions ranging from \$ 2 million to over \$ 93 billion in assets. |
| Certifications | Microsoft, Cisco, CISA, CISSP, CISM, GIAC, Security+. |
| Staff Training | All Staff attend annual training. In ’07 – SANs San Diego and Defcon. |
Download TrustCC's Due Diligence Checklist to do your own comparison! (PDF opens in new window)
For more information about TrustCC, Contact Us today!
Recent Quote
“TrustCC's professionalism, knowledge, and effective communication style are a welcome change compared to other firms. Their recommendations allowed us to easily implement the necessary control changes to not only pass examination, but ensure the proper protection of both the Bank’s and our Customer’s information." – Eric Jensen Chief Financial Officer of Fortune Bank; December 2007
About TrustCC
TrustCC’s team of professionals is unsurpassed in hands-on experience and regulatory knowledge. We focus our attention on detail, insightful reporting, and our customers’ needs.
TrustCC is known for its systems, security, and regulatory expertise, customer service and independence.
We are confident that our services will exceed your expectations.
Locations Served
TrustCC started in the Seattle/Tacoma area. Today TrustCC serves clients throughout the United States and elsewhere!