Pub. 9 2014-2015 Issue 5

January | February 2015 21 Extraordinary Service for Extraordinary Members. C A P I T A L M A R K E T S G R O U P SINCE 1985, WE’VE DELIVERED THE FINANCIAL SERVICES community banks need. But only after establishing what they really want: a solidworking relationshipwith professionals who put people first. Call us to get started. • Portfolio Strategy, Sales and Service • Bond and Securities Underwriting/Trading • Comprehensive ALM and Derivatives Consulting • BancPath® and FlexLoan® via Asset Management Group ent risk rating, and your controls brought it down to a low overall risk, then you really want to make sure those controls are working. Do you want to make sure all controls are work- ing? Sure. But you’re going to put more verification, oversight, and auditing in place on these controls than you would on a system that started out with a low inherent risk rating. Risk Management Plan/Details This is where I believe your risk assessment work provides value. It’s sort of the conclusion to each risk rating. This is where you decide if your controls are sufficient. If the risk level is too high for you, you may want to add additional con- trols, research other options, or transfer some of your risk to an insurance company if applicable. You may want regular testing done to ensure your controls are working. You may want to document target dates for implementing something new in response to the overall risk level. This is your action item section. Understanding and utilizing these options can make your risk assessment a living document that helps your institution make informed decisions about controls and offerings.  Stephanie Chaumont is a security and compliance consultant for CoNetrix. CoNetrix is a provider of information security consulting, IT/GLBA audits and security testing, and tandem—a security and compliance software suite designed to help financial institutions create andmaintain their Information Security Program. Visit CoNetrix at www.conetrix.com. innovative Nebraska banks provide innovative financial solutions to the communities they serve. We are here to enhance your success. Loan Origination and Workout Loan Participations Bank Mergers and Acquisitions Succession Planning for Owners Commercial Litigation Regulatory Consultation and Compliance Loan Default Remedies and Bankruptcy Representation Real Estate Purchase, Sale and Leasing General Business Representation Lincoln Omaha Denver www.woodsaitken.com