netAssess Security Services
Compass Group Consultants provides
a full range of independent network security testing services that are fully compliant with FFIEC regulatory guidance,
as well as the independence requirements recently outlined in the Sarbanes-Oxley Act and by the Securities and Exchange Commission.
To accommodate diversity in Bank network size, complexity and scope of operations, Compass Group Consultants offers three distinct
pre-defined levels of independent external network security testing services through their netAssess External product portfolio.
| netAssess External |
| Feature || Baseline || Standard || Premium |
|Information Gathering and Reconnaissance ||* ||* ||* |
|Scan of 1 IP Address ||* ||* ||* |
|Vulnerability Assessment of Available Services ||* ||* ||* |
|Executive Summary and Management Report ||* ||* ||* |
|Testing Process Overview and Supporting Documentation ||* ||* ||* |
|Optional Scans of Remote Branch VPN Connections ||* ||* ||* |
|Limited Dial Testing || ||* ||* |
|Optional Scans of additional Primary IP Addresses || ||* ||* |
|Information Security Policy Inventory || || ||* |
|Intrusion Detection and Incident Response Policy Review || || ||* |
Ranging from our Baseline netAssess External test for banks with a single IP address to our Premium service for institutions
with larger and more dynamic network environments, each of our netAssess External programs not only exceeds minimum regulatory testing
requirements but also provides value-added information security reporting to assist in managing your institution's risk exposure.