Pub. 10 2015-2016 Issue 5

January/February 2016 23 Extraordinary Service for Extraordinary Members. Ty Purcell is a security and compliance consultant for CoNetrix. CoNetrix is a provider of information security consulting, IT/GLBA audits and security testing, and tandem—a security and compliance software suite designed to help financial institutions create andmaintain their Information Security Program. Visit CoNetrix at www.conetrix.com to learn how CoNetrix can improve your cybersecurity maturity. 10. Provide technical documentation of how the softwareworks. This includes lists of software utilized (operating systems, databases, web servers, etc.), tech- nical network diagrams, and logical network diagrams. Include network ports and protocols used for commu- nication and where they are used. Having this level of documentation for a systemhelps IT staff determine how the software will work in your environment and define any additional controls that may be needed. By asking the right questions, you can choose a software vendor who will not bring down your organization’s informa- tion security level. In addition, your IT staff will have a better understanding of how the software operates and will be more efficient in troubleshooting and operations. Make sure you get requirements, service level agreements, penalties, or exit clauses written into the contract before you sign. Then hav- ing a vendor adhere to the contract items will increase the organization’s security level, and will have a positive impact on your next IT audit and regulatory examination.  1 Krebs, B. (2014, February 14). Target Hackers Broke In Via HVAC Company [Web log post]. Retrieved December 18, 2015, from http://krebsonsecurity. com/2014/02/target-hackers-broke-in-via-hvac-company/ Nebraska banks provide innovative financial solutions to the communities they serve. We are here to enhance your success. Loan Documentation and Negotiation Loan Participations Bank Mergers and Acquisitions Succession Planning for Owners Commercial Litigation Regulatory Consultation and Compliance Loan Default Remedies and Bankruptcy Representation Real Estate Purchase, Sale and Leasing General Business Representation Nathan J. Gurnsey (402) 437-8534 Andrew B. Koszewski (402) 437-8531 Frank J. Mihulka (402) 898-7413 Michael D. Matejka (402) 898-7409 Jill D. Fiddler (402) 437-8532 Daniel R. Carnahan (402) 898-7433 www.woodsaitken.com Omaha Lincoln Denver