Customers: DeltaCredit bank (DeltaCredit)
Contractors: Microtest Product: Projects of external audit of IT and security (in tch PCI DSS and SUIB)Project date: 2012/02
|
In 2010 DeltaCredit joined number of banks which accepted the recommendations of the Bank of Russia to fulfill the requirements of service station of BR IBBS – a complex of the documents describing uniform approach to creation of a system of information security support (cybersecurity) of banks. Service station of BR IBBS provides audit by forces of external auditing organizations along with a self-assessment of bank. As the contractor of external audit the Bank invited Microtest company in which portfolio more than 10 complete audits of cybersecurity in banks.
The project in DeltaCredit was separated into stages of audit and consulting. Within the first stage auditors Microtest carried out conformity assessment of information security of bank in three directions: IB current level, principles of management of cybersecurity, level of support of problems of cybersecurity from the top officials of bank. Audit was booked according to requirements of the Bank of Russia and the analysis of business processes and documents, an interview of employees of Bank and also surveys and observations of the operating room included activity. The audit area of cybersecurity was selected so that to provide the maximum reliability of results of audit and their applicability to all divisions and representative offices of bank.
At the second stage consultants Microtest prepared the report and the audit report which contain outputs about degree of compliance of service station of BR IBBS and the recommendation about increase in security.
"In addition to works on an information security audit, some of important project deliverables there were detailed recommendations about increase in the cybersecurity level of Bank. These recommendations will allow to correct the strategy of improvement of information security of Bank and to effectively plan our future projects in the field of cybersecurity", - Chaplygin Roman, the head of department of information security of DeltaCredit told.