When we did our information security risk assessment, we included our in house computer system, Internet banking and phone banking in it. I am hoping that this is enough. No complaints from examiners at our last exam which was last year.
_________________________
Member of the National Sarcasm Society - like we need your support!