How to get into the register of the Bank of Russia with ITGLOBAL.COM SECURITY? Experience of Credit Systems Company
ITGLOBAL.COM SECURITY specialists conducted a pre-audit in accordance with GOST R 57580 for Credit Systems, thanks to which the company was included in the Register of Financial Platform Operators. In this article we tell you what tasks the customer faced and how they were solved.About the customer
. “Credit Systems” is an aggregator of loan issuance, which allows the client to compare the offers of banks, choose the right conditions for himself and quickly conclude a remote transaction.
Challenge
. The Bank of Russia has a project called “Marketplace” – an online service where one can purchase financial products from different organizations on one platform around the clock. Deposits, bonds, mutual fund units, MTPL and mortgage loans can be made through the Marketplace.
In order for Credit Systems, like other financial platform operators, to appear in the marketplace, it must meet a number of requirements and be in the register of financial platform operators of the Bank of Russia.
In order for the Bank of Russia to make a positive decision and enter the company into the register, it was necessary to fulfill the requirements of Bank of Russia Regulation N 742-P of 03.12.2020. This document is devoted, among other things, to the protection of information in applicant companies. One of the central requirements for job applicants is compliance of information security with GOST R 57580.
“Credit Systems” turned to ITGLOBAL.COM SECURITY in order to improve information security processes and, as a result, get the necessary assessment of compliance with the requirements of GOST R 57580 and enter the “Register of Financial Platform Operators.”
Solutions
ITGLOBAL.COM SECURITY specialists undertook the pool of work to solve the client’s tasks. The project was realized in three stages:
Preliminary audit of the company for compliance with the requirements of GOST R 57580
. During the preliminary audit, ITGLOBAL.COM SECURITY specialists checked the company’s information infrastructure and the maturity of information security processes for compliance with the requirements of GOST R 57580. The specialists also assessed the information security processes and components of the company’s IT infrastructure for compliance with the standard. As a result, minor deviations were identified, which were further processed in accordance with the developed recommendations.
Improving the company’s information security
After conducting a pre-audit and identifying some discrepancies, ITGLOBAL.COM SECURITY specialists helped to implement new information security processes in the company’s work and improve the existing ones, while maintaining the efficiency of business processes. As a result, the client’s information infrastructure and processes became compliant with the requirements of GOST R 57580 and global best practices of various IS standards.
Security operation center (SOC) from ITGLOBAL.COM SECURITY
. According to the requirements of GOST R 57580, the company must organize consolidated storage and processing of information security events. To fulfill this requirement, the customer decided to use the services of ITGLOBAL.COM SECURITY and connect to the Information Security Monitoring Center (SOC) service.
Results
. As a result of the work performed, the company “Credit Systems” improved information security processes and, thus, met the requirements of GOST R 57580 and, as a consequence, entered the “Register of Financial Platform Operators”. The cooperation allowed the company to increase the inflow of new clients and more actively develop new services and business directions.