Shared Assessments Program Introduces Streamlined "SIG Lite" Security Assessment Questionnaire

Share Article

The Financial Institution Shared Assessments Program today released a new version of its Standardized Information Gathering questionnaire, SIG 3.1. The new SIG includes a "SIG Lite" -- an abbreviated questionnaire that can be used when a full questionnaire is not required. The SIG Lite was developed in response to member requests for a tool to qualify prospective vendors for further due diligence and evaluate low-risk vendors' security profiles.

News Image
We are thrilled that so many important industry players are seeing the need for the Shared Assessments Program and reaping the benefits of participation.

The Financial Institution Shared Assessments Program today released a new version of its Standardized Information Gathering questionnaire. The program's Technical Development Committee created the improved questionnaire, called SIG 3.1.

Launched in February 2006, the Shared Assessments Program was founded by BITS members The Bank of New York Mellon, Bank of America, Citi, JPMorgan Chase and Wells Fargo & Company. The program is improving the service provider assessment process by introducing common-sense efficiencies and cost savings while raising the bar on outsourcing security across the industry.

SIG 3.1 includes a "SIG Lite" module, a 54-question tool that can be used when a complete questionnaire is not required. The SIG Lite was developed in response to member requests for a tool to qualify prospective vendors for further due diligence and evaluate low-risk vendors' security profiles.

More than 55 firms participate in Shared Assessments. More than 70 questionnaires and full assessments are known to have been completed, and over 4,000 individuals have downloaded the program documents. Shared Assessments are increasingly being used internationally, particularly in India and Brazil.

In October 2007, the Shared Assessments Program released version 3.0 of its security documents. The documents were updated with new standards including those for application security, risk management, incident response, wireless security, and mapping to ISO 27002:2005, COBIT 4.1, and PCI DSS v.1.1. The documents are available for free download at http://www.bitsinfo.org/fisap.

"We are thrilled that so many important industry players are seeing the need for the Shared Assessments Program and reaping the benefits of participation." Catherine A. Allen, Chairman and CEO of The Santa Fe Group, which manages the program for BITS. "SIG 3.1 is yet more evidence of our members' commitment to continuously improving the Shared Assessments tools."

For more information, see http://www.bitsinfo.org/fisap.

About BITS
BITS (http://www.bitsinfo.org) was created in 1996 to foster the growth and development of electronic financial services and for the benefit of financial institutions and their customers. A nonprofit industry consortium that shares membership with The Financial Services Roundtable, BITS seeks to sustain consumer confidence and trust by ensuring the security, privacy and integrity of financial transactions. BITS works as a strategic brain trust to provide intellectual capital and address emerging issues where financial services, technology and commerce intersect, acting quickly to address problems and galvanize the industry. BITS' activities are driven by the CEOs and their appointees--CIOs, CTOs, Vice Chairmen and Executive Vice Presidents--who make up the BITS Advisory Board and BITS Advisory Council. For more information, go to http://www.bitsinfo.org.

About The Santa Fe Group
The Santa Fe Group (http://www.santa-fe-group.com) is a strategic partner and preferred provider to BITS. The Santa Fe Group is a strategic consulting company providing expertise to clients on cyber security, critical infrastructure protection, fraud reduction and payments strategies. Drawing from the most advanced thinking in the industry, a national network of technology and security experts, and our deep knowledge of industry regulatory and legislative issues, we bring outstanding results to our clients.

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Susanna Space
The Financial Institution Shared Assessments Program
505-466-6434
Email >

Susanna Space