Commercial Internet Banking Risk Assessment and Controls Evaluation

Personnel Security:

  1. Are employees required to sign an Acceptable Use Policy (AUP)?
  2. Does each employee using internet banking go through security awareness training?
  3. Do you complete background checks on employees prior to hire?

System Security:

  1. Is a dedicated system used for internet banking activities?
  2. Do systems have up-to-date antivirus software?
  3. Is there a process in place to ensure software updates and patches are applied (e.g., Microsoft, web browser, Adobe products)?
  4. Do users run as local administrators on their computer systems?
  5. Does a firewall protect the network?
  6. Do you have an Intrusion Detection/Prevention System (IDS/IPS) in place to monitor and protect the network?
  7. Is internet content filtering being used?
  8. Is email filtering being used?
  9. Are users of the internet banking system trained to manually lock their workstations when they leave them?
  10. Is wireless technology used on the network with the internet banking system?

Physical Security:

  1. Are critical systems (including systems used to access internet banking) located in a secure area?
  2. How are passwords protected?

Previous Experience:

  1. Have you experienced fraud through internet banking in the past?
  2. Has malware been discovered on systems used for internet banking activities in the past?

© Tandem
