Projects on Information Security

Our cumulative experience and qualifications enable us to successfully implement projects, both in developing the Information Security Management System (ISMS) as a whole or its individual elements, as well as to conduct independent assessments of the compliance of your bank’s ISMS with the provisions of regulations and standards, and also to develop and implement regulations and policies in the field of information protection.

Completed projects in information security:
For several Russian banks, FBK has developed requirements (based on preliminary diagnostics) to ensure information security when processing personal data in the banks’ information systems and prepared internal regulatory documents which govern personal data processing.

We have also completed projects at several Russian banks to audit (assess compliance of their) ISMS with the requirements of the Bank of Russia’s Standard on Information Security Management Systems (ISMS) in the Banking System of the Russian Federation 1.0.

Depending on the bank’s degree of readiness to implement the provisions of the Bank of Russia’s Standard on ISMS in the Banking System of the Russian Federation, assessments are conducted in the following formats:
  • rapid assessment of compliance;
  • assessment of compliance;
  • audit of the bank’s information security.
Assessments and rapid assessments have been conducted using software tools for assessing compliance which have been developed by FBK’s experts.
In processing the results of the audit, we use the Exact Flow Conformity Assessment software package, which is recommended by the Bank of Russia for conducting compliance audits.

At several banks we have worked on creating and modernising the ISMS at both the organisational and the technological level.

In the first area, our experts have developed organisational and procedural documents, such as general and privacy policies on information security and the provisions on the main measures needed to ensure information security – including managing access and registration in information systems and anti-virus protection when using the Internet and e-mail, and also in other areas to ensure information security.

In the second, technological area:
  • at one of the banks, we implemented a self-assessment system to test the compliance of the ISMS with the requirements of the Bank of Russia’s Standard on ISMS in the Banking System of the Russian Federation based on the provision and implementation of compliance assessment software developed by FBK’s experts;
  • at a number of banks, we established and implemented a system of information security risk assessment based on the methodology described in the documents of the Bank of Russia’s Standard on ISMS in the Banking System of the Russian Federation, including the development and implementation of the software tools for information security risk assessment;
  • at several banks, we developed plans to ensure the continuity of operations and disaster recovery activities (CO&DR).
Alexey Terekhov, FBK Partner and Vice-President for Auditing and Consulting Services to Financial Institutions, is always ready to tell you more about our services in information security and personal data protection for financial institutions.
E-mail -

FBK’s services in information security:

Back to the section
Send request
Contact information
Who are you? How can we contact you? (phone, Skype, other)
Please type in the symbols shown in the image below*
* - Required fields