Click to return to BOL home page
Banker Store Read A Reg BOL Insiders Career Connect Learning Connect Bankers Information Network
 


MAIN CONTENT 
Compliance

    Agency Road Maps

    Alphabet Soup

    Compliance Tools

    FACTA/FCRA

    OFAC

Lending

    FACTA/FCRA

    Lending Tools

    SCRA

Marketing

Operations

    Check 21

    Operations Tools

    SAR Resrch Guide

Security

    AML/BSA

    Bank Robbery

    Counterfeits

    ID Fraud/Phishing

    Security Tools

Technology/eBanking

    Info Security


SPECIAL AREAS 
BOL Archives

BOL Blogs

Briefing Archive

Calendar

Court Watch

e-Card Exchange

Examiner's Corner

Executive Briefing

HR Corner

Infovault

Launch Pad

Regulator Roadmaps

Risk Management

Site Map

Site Orientation

Top Stories


~ ~ ~
SERVICES 
CrimeDex

Em@il Education

ID Verification


~ ~ ~
SHOP 

Banker Store

Bankers Info Ntwk

CONNECT 

Career Connect

Learning Connect

Guru Central

INTERACT 

Ask a Guru
Bankers Threads

Contact Us

Give Us Feedback


TOOLS 


60 Second Solutions

Alphabet Soup

Banker Tools

BOL Forms

FUN 

BOL Recipes

eCard Exchange

LEARN MORE 


About Our Sponsors
About Us




Red Flag Assessment Testing

BOL user "Rizzo" was preparing for the Red Flags rules and created a Red Flags risk assessment testing document that she has shared here. Rizzo participated in BOL Learning Connect webinars about the new Red Flag rules and developed this workbook based on what she learned. The file, "Red Flags Testing Menu - rfworksheet", is a component of the larger "Red Flags Assessment Testing Workbook - rftestmenu", and is provided here individually, and is blank. The "Red Flags Assessment Testing Workbook" contains the Risk Assessment Matrix and Red Flags Testing Menu.

The process charts were used for each covered product. The bank marked different ways the product could be obtained, accessed, identified possible threats and then listed controls that were in place addressing the red flags. The matrix is a summary page of the process charts.

The bank rated risks from 1-5 starting with selecting what the impact would be to the bank. From there, what is the inherent likelihood that breach would happen, yielding the inherent risk. For example:
  • Impact = 5,
  • Inherent Likelihood = 4
  • (5x4) yields an inherent risk a 20.
  • Residual likelihood (taking controls into consideration) = 3,
  • times the impact (5)
  • provides a residual risk of 15.
Rizzo's Board approved an acceptable rating of 10 for each product (yours may vary), so if the residual risk was more than that, it gets placed on a watch list, or the bank tries to figure out how to lower the score to an acceptable level. The "Red Flags Assessment Testing Workbook" has sample data included in it. You will have to delete and replace the sample data with your own assessments and may edit the products as well.

The bank then tested the controls and this is where the testing menu comes in to play (the smaller component file "Red Flags Testing Menu"). The bank then reviews the controls listed in the risk assessment to address each Red Flag and marks the worksheet to show if the Red Flag is indeed addressed (all 3 parts: Detection, Mitigation and Response). If it was addressed, the location of the coverage from policies and procedures is listed. If not, comments were made in the Gap Analysis column and the responsible party for that product was instructed to correct the deficiency.

Here are the two files, one in two formats (right click to save the files to your drive): 09-08-08



Access other Banker Tools on BankersOnline.com:







Privacy Policy    Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.