Banks and credit unions need to evaluate risks, implement proper controls and invest in technology that helps them meet new demands outlined by the FFIEC. Chris Beier, a financial-services and online information security consultant, has had the opportunity to examine hundreds of solutions from different vendors. Beier has advised some of the country’s top 100 financial institutions, as well as several state government agencies regarding regulatory compliance and Internet site security. When choosing a vendor, Beier says banking institutions should consider: Is the vendor’s solution addressing the risks you’ve identified in your assessment? Is the solution continually improving and evolving as risks change?”]
Source: https://www.cuinfosecurity.com/ffiec-evaluating-vendors-a-4233