RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
Project

Millenium Bank completed audit on compliance to requirements of the Central Bank

Customers: Millennium Bank

Moscow; Financial services, investments and audit

Contractors: Technoserv
Product: Projects of external audit of IT and security (in tch PCI DSS and SUIB)

Project date: 2014/02  - 2014/06

Content

On June 17, 2014 the Technoserv company announced the executed project to conformity assessment of business processes of Millenium Bank to requirements of Provision of the Bank of Russia No. [1].

Project Tasks

"According to requirements of the law "About NPS" banks in the activity should consider requirements of a large number of regulating legal documents of different regulators – FSTEC, FSB, the Bank of Russia, Roskomnadzor, and without involvement of external consultants to make impartial assessment of accomplishment of these requirements it is problematic, – Vyacheslav Godunov, the head of department of information security of Millenium Bank noted. – Therefore the management of bank made the decision to attract to this task of the experienced consultants capable in the delivered terms to book audit, to develop for us constructive recommendations and documents".

Project Progress

The contractor of the project on a competitive basis selects Technoserv company. She performed a complex of works in several stages with a general duration of 3 months. Deadlines of implementation are caused by need of submission of the reporting in the Bank of Russia to a certain term.

First of all the assessment of the current level of compliance of Millenium Bank to requirements of Provision of the Bank of Russia No. 382-P is carried out. information on degree of a compliance with regulatory requirements of the Russian Federation in the field of processing and personal data protection Is updated. On the basis of data retrieveds recommendations about elimination of the revealed discrepancies and notes for requirements for data protection at implementation of money transfers and personal data processing were developed.

Project Results

Project result - development and transfer to the customer of a packet of administrative documentation necessary organizationally which covers safety requirements in NPS.

"Use of modern technologies in the credit and financial sphere at implementation of settlement in electronic form and at money transfer opens new opportunities for credit institutions among which there is, for example, an Internet bank. A reverse side of these opportunities – risks of use of new technologies which need to be considered including risks of information security. Observance of requirements of the Bank of Russia – the good tool on their minimization, – Pavel Eroshkin, the head of department of information security of Technoserv integrator told. – The project for Millenium Bank became demonstrative on the efficiency that became possible thanks to a constructive position of the management and IT department of bank".

Notes

  1. a 382-Ppolozheniye for execution of Article 27 No. 161-FZ of the "On the National Payment System" (NPS)