Customers: Bank Rublyov Moscow; Financial services, investments and audit
Contractors: DialogNauka
Product: External IT and security audit projects (including PCI DSS and SUIB)
Project date: 2016/03 - 2016/08
DialogNauka, a system integrator in the information security field, provided JSC CB RUBLYOV with a range of services to bring the bank's information security support system (SOIB) into compliance with the requirements of Bank of Russia Provision No. 382-P, the Bank of Russia Standard STO BR IBBS-1.0-2014 and Federal Law No. 152-FZ "On Personal Data". As a result of the project, a positive conclusion was reached on the bank's fulfilment of the data protection requirements, and a list of recommendations for possible improvement of the SOIB was prepared.
The partnership between DialogNauka and CB RUBLYOV has a long history. The first result of the companies' cooperation was a comprehensive information security audit carried out in 2008, which gave the bank an independent assessment of its security level and allowed it to begin developing a strategy for further strengthening its protection. One of the next steps in improving the bank's set of data protection measures was the development of an information security policy for CB RUBLYOV.
In 2016, to ensure a level of security for protected information that matches the bank's status, and to meet the requirements of Russian Federation regulators, the management of CB RUBLYOV decided to engage DialogNauka for a project to bring the bank's SOIB into compliance with the requirements of Bank of Russia Provision No. 382-P, the Bank of Russia Standard STO BR IBBS-1.0-2014 and Federal Law No. 152-FZ "On Personal Data".
The project was divided into three main stages: first, to survey the SOIB and make a preliminary assessment of its compliance with the requirements of the regulatory documents; then, to develop and finalize the bank's internal documents; and finally, to assess the compliance of the bank's SOIB with the requirements of Provision No. 382-P and STO BR IBBS-1.0-2014.
At the first stage, a preliminary assessment of the compliance of the bank's information security with the requirements of Bank of Russia Provision No. 382-P, the Bank of Russia Standard STO BR IBBS-1.0-2014 and Federal Law No. 152-FZ "On Personal Data" was carried out, and a list of measures for eliminating the identified non-conformities was drawn up. Models of the violator and of security risks to personal data during its processing in the bank's personal data information systems (ISPDN) were developed. DialogNauka consultants classified the bank's information assets and performed an information security risk analysis using a specially developed methodology. Technical specifications for the information security system were developed.
Next, the internal documents governing personal data security, information security management and the bank's information security system as a whole were developed and finalized.
In the final stage of the engagement, the final assessments of the SOIB's conformity with the requirements of Provision No. 382-P and STO BR IBBS-1.0-2014 were determined. DialogNauka consultants also prepared reports containing conclusions based on the results of the compliance check, which reflected a highly positive assessment of the bank's fulfilment of the data protection requirements, together with a list of recommendations for improving the bank's SOIB.