• State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 25 subscribers
  • Views 221 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

NCUA Policy Reports?

bit_herder

Hi All,

I work for the Credit Union industry governed by the National Credit Union Association (NCUA), which is a federal insurance agency not too dissimilar from the FDIC.  It is a different governing structure and we have our own security policies, but we are a much smaller industry.

Here's where the fun begins.  I am the one responsible for ensuring our IT infrastructure, specifically our network, is under compliance.  Great!  I'm looking forward to it, but the documentation is disparate and dated, for example, the last security letter I can find is from 2006!!@!$@!

Has anyone done the work of writing up a NCUA Policy Report?  If not, I'm happy to do so, but I want to make sure I'm not reinventing the wheel here.

Any help in deciphering these laws would be a great help, as I'm new to the financial industry.

IT Resources - General - Seems the place to start

Audit Examiner's Resources

IT Rules and Regulations - Very little help in regards to technical details

IT Laws - Looks perfect, except for the dates

IT Related Letters - Oh god, the dates

These two Questionnaires are the closest to what I'm looking for.  Regardless, I'm happy to translate all this legalese into technical requirements.  Any help would be appreciated interpreting and translating these!

Thank You,

Matthew

NCUA Member

  • 0

    Hi Matthew,

    Unless someone else replies, I'm not aware of that report being available.

    Translating the law to policy checks is always difficult.

    Please remember to upload the report to the content exchange once you create it.

    Good luck!

    Jiri

  • 0 in reply to cvachovecj

    I found out that you also have LEM. LEM can help you with NCUA as it has some reports out of the box.

    If you need more details, please ask in the LEM forum.

    Jiri

  • 0 in reply to cvachovecj

    Hi Jiri,

    I'm finalizing my Orion/NTA/NCM/Device Tracker implementation at the moment (getting the MAC addresses identified in DT, ensuring all configs are backed up, etc.)  All my alerts and flows are working. 

    In the next week or so, I'll be rolling out LEM, but I've never deployed it, so it may take me a bit to get rolling.  It's good to know there's NCUA reporting out of the box.  I still would like to have the ability to run a report in Orion and need to thoroughly understand the regulations of the NCUA regarding network architecture, so I will most likely be making a NCUA report for NCM as well.

    Thanks for pointing me in the right direction!

    Matthew

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.