RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
Project

INLINE Technologies completed audit of an information system Roseksimbank

Customers: Roseksimbank

Product: Projects of external audit of IT and security (in tch PCI DSS and SUIB)

Project date: 2011/10

INLINE Technologies announces completion of assessment works of a corporate information system of ROSEKSIMBANK Ltd on compliance to requirements of the standard of the Bank of Russia of service station of BR IBBS-1.0-2010 and Federal law No. 152-FZ.

In a work progress examination of a corporate information system of Bank was conducted, information on processing of personal data is collected and conformity assessment to the Standard of the Bank of Russia and law FZ-152 is performed. Also recommendations about reduction in compliance with the current legislation of an information system of Bank were developed and costs for fulfillment of requirements of the Standard are calculated.

The carried-out works allowed Bank to receive objective and independent value assessment of implementation of the Standard of the Central Bank of the Russian Federation and to compare costs for implementation of the Standard to the cost of completion of an information security system in general and also to define extent of fulfillment of requirements of FZ-152. Besides, the complex of actions directed to reduction of an information system of ROSEKSIMBANK Ltd in compliance to requirements of the Standard of the Bank of Russia and to requirements of the legislation in the field of personal data protection was developed.

"Execution of requirements of regulators in the field of data protection is for us one of the priority directions in creation and improvement of information security systems of Bank, – Boris Yudin, the head of department of economic safety of ROSEKSIMBANK Ltd says. – Along with it for us it was important to find out expediency of use of the regulatory base of the Bank of Russia, FSTEC and FSB of Russia regarding ensuring personal data protection. As a result of the works which are carried out by INLINE Technologies it was succeeded to establish that following to the industry standard bears in itself several advantages, such as: complex approach, i.e. protection not only these clients and employees, but also valuable assets of Bank; the step-by-step approach to achievement of compliance; a possibility of return of investments thanks to reduction of risk of implementation of threats; existence of support from the regulator on behalf of the Central Bank of the Russian Federation. In addition, the Standard considers features of banking activity and information processing that it is also important when developing the strategy of development for an information system of Bank".


"In 2006 the Federal law of the Russian Federation No. 152-FZ "About personal data", regulating the processes connected with their processing was enacted, – Ogorodnikov Dmitry, the area director of information security of INLINE Technologies says. – As in an information system of bank personal data processing of both clients, and employees is performed, performance of the Law "About Personal Data" is obligatory for all representatives of the banking sector. Adoption of the standard by bank which includes requirements for personal data protection automatically results in compliance to the federal legislation and, besides, increases the level of security of an information system of bank".