R. Kinney Williams - Yennik, Inc.
R. Kinney Williams

 
Yennik, Inc.

Internal - VISTA Penetration Study
Internal Penetration-Vulnerability Testing
for US banks, savings & loans, and credit unions

cybersecurity, cloud computing, cloud, auditing the cloud, vista, penetration, penetration study, internal, intranet, intranet test, internal test, vulnerability internet security test audit, vulnerability test, vulnerability testing, scan, scanning, web site audits, internet web site audits, internet audits, bank, banking, consulting, bank consultants, bank consultant, information systems, information systems audits, is audits, auditing, edp audit, edp audits, web page auditing, web page audits, internet auditing, penetration testing, intrusion audits, internet security, network security, internet compliance, internet compliance audits, it audits, gramm, leach, bliley, gramm leach bliley act, weblinks, weblink, weblinking, risk, risk assessment, social engineering, cloud computing, cloud, auditing the cloud, virtual machines, vmware, vm ware, vulnerability internet security test audits


The internal penetration-vulnerability test meets the independent security testing requirements of the FDIC, OCC, FRB, and NCUA as outlined in the Information Security booklet.  The requirement states in part "High-risk systems should be subject to an independent diagnostic test at least once a year."  Since your core application (customer confidential deposit and loan information) is on the network, your IT operation would be considered "high-risk." 

When your financial institution needs an independent internal penetration-vulnerability test of your internal network, which includes virtual machines, the Internal-VISTA penetration study is the answer to your internal security auditing needs. 
Please complete the Internal - VISTA information request form to receive due diligence information about our company, VISTA agreement, and fees.  All communication is kept strictly confidential.

OCC’s “Audit Firm Rotation” letter dated October 12, 2016 states "There is no OCC guidance or directive to examiners that would require or promote the termination of a third-party relationship due to the length of the relationship."  You can find the complete letter at http://www.yennik.com/occ_10-12-16_rotation_letter.pdf.

FDIC in regard to changing your pen-test vendor, the FDIC letter date 11-18-16 states "The FDIC does not require financial institutions we supervise to change penetration testing firms on a periodic basis. Any such decision would be up to bank management." You can find the complete letter at http://www.yennik.com/fdic_10-18-16_rotation_letter.pdf


With the Gramm-Leach-Bliley and the regulator's information technology (IT) security concerns, it is imperative to take a professional auditor's approach to testing your internal connections to the network, which translates into the need to conduct a thorough penetration-vulnerability test of your internal computer operation including virtual machines.

We send you the pre-programmed internal scanner box that you connect to your network like a workstation.  After testing, the scanner box is returned; therefore, you have no hardware or maintenance costs.  Since we control the scanner box programming and testing, we provide the independent testing required by the regulators.  Click to enlarge the scanner box.
 The scanner box connects to the network just like a workstation.

Frequently asked questions about internal penetration-vulnerability testing.
Sample penetration-vulnerability test results used by your IT professionals - IT Project Report

The Gramm-Leach-Bliley Act, information technology best practices, bonding companies, and examiners are  requiring an independent third-party Internal security tests for banks, savings & loans, and credit unions.

We are IS auditors that only work for federally insured deposit institutions, and therefore, we understand the special regulatory requirements and security issues placed on your institutionAs auditors, we perform the vulnerability test of your Internal connection.  

The Internal-VISTA Penetration Study provides your institution the independent test of your IT security required by the regulators.  The test is performed by R. Kinney Williams, CFE, CISM, CGEIT, CRISC who is an IT auditor with over 30 years experience auditing  IT departments for financial institutions.  

We have clients in 42 states and have
more than 21 years experience as a former examiner.  R. Kinney Williams is accredited by the Information Systems Audit and Control Association (ISACA) as a Certified Information Security Manager (CISM) and Certified in the Governance of Enterprise IT (CGEIT).  Mr. Williams is also a Certified Financial Examiner (CFE) by  the Society of Financial Examiners (SOFE.)

The penetration-vulnerability test focuses on your network from a internal hacker's perspective to identify vulnerabilities that will allow a hacker to infiltrate and possibly control your computer operation.   

Unlike most of the IT security testing companies, Yennik, Inc. does not sell hardware or software.  We are professional IT auditors.  We are not in competition with your contracted IT professionals.  Many outsourced IT professionals refer our services to their clients because we are an independent IT auditing company that can provide the required independence necessary for penetration-vulnerability testing.

Why should we use the Internal VISTA security testing services instead of another company?

Please complete the Internal - VISTA information request form to receive due diligence information about our company, VISTA agreement, and fees.  All communication is kept strictly confidential.

Frequently asked questions 

 

FREE weekly Internet Banking News - subscription form
(Every week, over 2,900 subscribers stay current with IT security,
IT regulatory issues, web site compliance, Internet privacy, and Internet security.)


Member of the Society of Financial Examiners (SOFE),
Association of Credit Union Internal Auditors (ACUIA),
The Institute of Internal Auditors (IIA), and
Information Systems Audit and Control Association (ISACA).

 

Company Information
Yennik, Inc.
4409 101st Street
Lubbock, Texas 79424
Office 806-798-7119
Examiner@yennik.com

Please visit our other auditing sites:
The Community Banker - Bank FFIEC & ADA Web Site Audits
Credit Union FFIEC & ADA Web Site Audits - Bank Auditing Services
Medical Records Security
US Banks on the Internet  
US Credit Unions on the Internet
Penetration-Vulnerability Testing

 All rights reserved; Our logo Yennik, Inc. is registered with the United States Patent and Trademark Office.
Terms and Conditions, Privacy Statement, Copyright Yennik, Incorporated
VISTA

We are Americans and will never be defeated.