Comprehensive Operational & Regulatory Risk Assessments

We provide comprehensive risk assessment services to help institutions identify, evaluate, and mitigate potential threats across various operational areas.

Request For Proposal
Ask Question
Get The Expertise You Need
23
+
Years of Success
800
+
Organizations Assisted
38
States Represented

Comprehensive Operational & Regulatory Risk Assessments

We provide comprehensive risk assessment services to help institutions identify, evaluate, and mitigate potential threats across various operational areas.

Request For Proposal
HELPING YOU NAVIGATE
Cybersecurity Threats
Regulatory Compliance
Operational Risks

Risk Assessments
Actionable Insights to Enhance Risk Mitigation & Regulatory Compliance

NETBankAudit offers proven, workable solutions to address management's growing responsibility for risk assessments. We utilize industry frameworks such as NIST and FFIEC to cover a wide range of risk areas, from enterprise-wide concerns to specific operational risks, ensuring comprehensive coverage of your risk landscape. These risk assessments are often combined with audits and testing to increase effectiveness and efficiency of your operations.

OUR SERVICE

Safeguard Your Institution with Expert Risk Analysis

Enterprise-wide and IT Risk Assessments
Enterprise-wide and IT Risk Assessments
Operational Risk Assessments
Regulatory Compliance Risk Assessments
Awareness Training

Comprehensive Enterprise and IT Risk Assessment Services

NETBankAudit provides in-depth risk assessment services focusing on enterprise-wide and IT-related risks. Our experts use industry-standard frameworks to evaluate your institution's risk landscape. We identify vulnerabilities, assess their impact, and develop mitigation strategies. Our services cover areas from enterprise risk management to specific IT and cybersecurity concerns, ensuring a holistic approach to risk assessment.

We provide our clients:
  • Enterprise-wide Risk Management (ERM) assessment
  • Information Technology Audit risk evaluation
  • Information Technology Operations risk assessment
  • Cybersecurity risk evaluation
  • Virtualization risk analysis
Information Security risk analysis, including:
  • NIST 800-30, Rev.1, 800-39 compliance
  • GLBA 501(b) requirements
  • FFIEC IT Booklet – Info Security alignment
  • NCUA Appendix A to Part 748 compliance
  • HIPAA – Privacy & Security Rules adherence
  • ID Theft/Red Flag risk assessment

Specialized Operational Risk Assessments

NETBankAudit's team of certified Senior Auditors bring over 10 years of industry experience to identify and mitigate risks across financial transactions, project management, external vendors and social media. We provide proven, workable solutions to management’s growing responsibility for risk assessments by providing facilitation assistance, education and training.

We provide our clients:
  • Business Continuity Threat and Business Impact Analysis
  • Wire Transfer risk assessment
  • ACH risk evaluation
  • Internet Banking risk analysis
  • Remote Deposit & Branch Capture risk assessment
  • Project Management risk analysis
  • Vendor Management risk assessment
  • Social Media risk management evaluation

Comprehensive Regulatory Compliance Risk Assessments

NETBankAudit offers specialized risk assessment services focused on regulatory compliance. Our experts help financial institutions navigate complex banking regulations, identifying potential compliance risks and developing effective mitigation strategies. We provide comprehensive assessments, gap analyses, and ongoing monitoring to ensure your institution stays ahead of regulatory requirements and minimizes compliance-related risks.

We provide our clients:
  • Business Continuity Threat and Business Impact Analysis
  • Wire Transfer risk assessment
  • ACH risk evaluation
  • Internet Banking risk analysis
  • Remote Deposit & Branch Capture risk assessment
  • Project Management risk analysis
  • Vendor Management risk assessment
  • Social Media risk management evaluation
  • BSA/AML/CFT/OFAC risk assessment
  • Consumer Compliance risk assessment

Risk Assessment Methodology Development and Training

NETBankAudit helps financial institutions develop and improve their risk assessment capabilities. We establish robust, tailored risk assessment methodologies and provide staff training on risk identification and management. By building internal capacity for ongoing risk assessment, we help your institution maintain a proactive stance against evolving threats and regulatory requirements.

We provide our clients:
  • Development of customized risk assessment frameworks
  • Staff training on risk identification and evaluation techniques
  • Implementation of risk scoring and prioritization methodologies
  • An understanding of inherent and residual risks
  • Assistance with risk reporting and communication strategies
  • Ongoing support and consultation for emerging risk areas

Value-Add Consulting
Leveraging Decades of Industry Experience

As your trusted partner for compliance and security, our audits include informed recommendations to improve.
Request For Proposal
How NETBankAudit Delivers Value-Add Consulting:

Our Value-Add approach to auditing and compliance provides tailored, actionable advice drawn from our experts' practical industry experiences.

  • Senior-level auditing team each bringing 10+ years of industry and regulatory experience.
  • Our team has broad expertise with certifications from CISA, CISSP, CISM, CRISC and more.
Client-Focused Solutions
01
Tailored audit services addressing each institution's unique compliance challenges and risk profiles.
Deep Regulatory Expertise
02
Certified professionals and former examiners provide unparalleled regulatory insight to ensure compliance.
Proven Record of Success
03
Serving 800+ institutions across 38 states, with a proven history of enhancing compliance and exam readiness.
Over 20 Years of Experience Advising Financial Services
For over 20 years, NETBankAudit has been a reliable partner to financial institutions across the United States, providing specialized IT and cybersecurity audits, risk assessments, and compliance solutions.  
About Us
"NETBankAudit is more than just an audit firm. They take the time to truly understand your organization. By working as a partner they made recommendations that best fit our bank while helping us realize resources that were already at our disposal. The employees we work with are extremely knowledgeable and always available to assist"
Beth Worrell, EVP, Chief Risk Officer
Skyline National Bank
$855M total assets, OCC regulated
"We were very satisfied with the model validation of our Verafin System. The NETBankAudit team was great to work with, very professional and kept us in the loop throughout the engagement. We will definitely consider working with them again for the annual validation"
Ken Helmrich, CAMS, CFCS
Kearny Bank
$7B total assets, FDIC regulated
"NETBankAudit provides us with top notch Information Security Professionals to allow us to continually improve our organizations security posture. Springs Valley is able to utilize them to stay abreast of the changing regulatory and cybersecurity landscape. It is great to have a reliable resource like them as a valued partner."
Craig Buse, CLO, COO
Springs Valley Bank & Trust Company
$494M total assets, FDIC regulated
"We appreciate working with professionals respected in the financial services community for their individual expertise and their attention to detail in the audit programs.  Always accessible when we need their assistance. "
Teresa Welty, SVP Internal Audit and Risk Officer
Capital Bank
$1.8B total assets, OCC Regulated
"We have been doing business with NETBankAudit since 2018 and their team of professionals have been amazing to work with.  They are experienced, objective, and responsive in performing our audit. Plus, they have been readily available to assist us with any issues during regulatory exams."
Robin Harris, Vice President
Carolina Bank
$579M total assets, FDIC regulated
"The auditors have been very helpful and patient in giving us guidance with starting, developing, and improving our cybersecurity program. We have an active relationship with NETBankAudit and they are not just an audit firm. NETBankAudit wants us to succeed and not only meet regulatory requirements but understand them as well."
Leslie Nicely, Cybersecurity and BSA Officer
Highlands Community Bank
$172M total assets, FRB Regulated
"First Citizens National Bank selected NETBankAudit to provide audit services for Information Technology Systems in early 2005.  Since that time, we have added cybersecurity, digital banking, and network penetration testing.  NETBankAudit is not only our auditor, but our partner in developing new digital strategies, policies and procedures. When we are implementing anything digital, NETBankAudit is a resource we use to ensure we have covered all aspects of risk management"
Judy Long, President and COO
First Citizens National Bank
$2B total assets, OCC Regulated
"We were very satisfied with our first NETBankAudit experience and impressed with the thorough report. Working with our assigned auditor was a pleasure - he possesses great field experience and regulatory experience that was very helpful to us."
Dan Hagedorn, Audit Liaison/Compliance
International Bank of Chicago
$845M total assets, FDIC regulated
"NETBankAudit's auditor was very knowledgeable and explained clearly what was needed from our side to help complete the audit as well as providing clear recommendations on where we could improve our controls.  The audit was done very professionally. Everyone here at SECU that interacted with NetBankAudit here at SECU had the feeling of a partner."
Rodney Hill, VP Technology
Schlumberger Employees Credit Union
$945M total assets, NCUA regulated
"NETBankAudit serves as our internal auditing team. Their attention to detail and mastery of regulations are invaluable tools to our organization. During the audit, when they have a recommendation or finding, they partner with us and aide us in an internal audit liaison capacity. It is not a typical auditor firm’s approach, who just present their report and findings with limited direction or follow-up. NETBankAudit’s approach also helps us prepare for regulatory reviews with regular “heads-up” guidance and coaching. The examiners value NETBankAudit’s quality and depth of coverage and leverage the detailed audit work papers to facilitate the examination process. "
Dave Kittleson, Director of IT
Arundel Federal Savings Bank
$444M total assets, OCC regulated
"Being a community bank in a heavily regulated industry, we are constantly challenged to keep pace with expectations for protecting our informational and operational technology against existing and emerging threats.  NETBankAudit provided the cost-conscious bank-specific auditing solution we were looking for.  Their team of experienced professionals has been more than helpful in fine-tuning our policies and procedures, and the audits were thorough, informative, and meaningful.  By making themselves available for consultation or assistance between audit cycles, it is more of a “we” engagement and not an “us vs. them” engagement that really distinguishes NETBankAudit from others we have used in the past."
Charlie Robbins, Sr. VP & CIO
Volunteer Federal Savings Bank
$306M total assets, FDIC & TDFI regulated
"We are very satisfied with NETBankAudit’s IT Audit services. The people we worked with are very personable, knowledgeable, and professional."
Sue Richardson, ISO
BayPort Credit Union
$2.2B total assets, NCUA regulated
"We've partnered with NETBankAudit for over 10 years. We know we'll always receive a thorough review, but the service is always above and beyond our expectations. NETBankAudit keeps us apprised of recent regulatory changes, potential exam issues, and other areas for focus. Engaging NETBankAudit is creating a partnership for the future."
Leslie Hambrick, CFSA, CRMA
Peoples Bank, Newton, NC
$1.5B total assets, FDIC regulated
OUR ASSOCIATES

Our Experienced Auditing Team

Ken Barlow, CEO

Ken Barlow, CEO founded NETBankAudit with extensive IT and financial industry background. Prior to NETBankAudit, Ken led development of the first online interactive financial system for NASA HQ and identified the need for quality information security in financial institutions.

Principal Partner
Ken Barlow
CEO
David Hart, CISA, CFE, CRISC

David Hart, CISA, CFE, CRISC has been a partner for over 15 years, overseeing product and service delivery. Prior to NETBankAudit, David gained 15+ years experience as a bank examiner and internal auditor for Federal Reserve.

President, Partner
David Hart
CISA, CFE, CRISC
Cynthia Bonnette, CISA

Cynthia Bonnette, CISA led development of IT Audit and InfoSec Risk Assessment Programs. Prior to NETBankAudit, Cynthia was an FDIC senior bank examiner and Assistant Director of Bank Technology Group, authoring regulatory guidance.

Executive Director IS Audit and Assessment Partner
Cynthia Bonnette
CISA
Melissa Morrell, CMA, CBCA

Melissa Morrell, CMA, CBCA has been CFO & COO for 15+ years, managing finances, HR, and internal systems. Prior to NETBankAudit, Melissa gained experience in financial planning and management information systems.

CFO & COO Limited Partner
Melissa Morrell
CMA, CBCA
Mike Ford, CISA, CISSP, MCSE

Mike Ford, CISA, CISSP, MCSE specializes in bank information security with 15+ years experience. Prior to NETBankAudit, Mike was a Federal Reserve Bank examiner and bank IT manager in Community Banking and Health Care Industries.

Executive Vice President of Audit Services
Mike Ford
CISA, CISSP, MCSE
Mark Lohman, CISSP, CISA, CISM, CRISC, CDPSE, C|EH, MCITP

Mark Lohman, CISSP, CISA, CISM, CRISC, CDPSE, C\|EH, MCITP serves as EVP/CIO focusing on vulnerability assessment and penetration testing. Prior to NETBankAudit, Mark spent 20+ years in security, network design, and project management.

Executive Vice President/CIO
Mark Lohman
CISSP, CISA, CISM, CRISC, CDPSE, C|EH, MCITP
Alan Alai, CISA, CDPSE

Alan Alai, CISA, CDPSE brings 17+ years experience in IT practices and auditing. Prior to NETBankAudit, Alan worked as a Senior IT Audit Manager and developed expertise in internal controls for IT organizations and financial applications.

Director of Audit Services
Alan Alai
CISA, CDPSE
Joanne Bennett, CAMS, CAFP

Joanne Bennett, CAMS, CAFP contributes 30+ years of banking operations, compliance, and audit experience. Prior to NETBankAudit, Joanne held positions as BSA/AML Compliance Officer and Internal Control Consultant at various community banks.

Director of Compliance Services
Joanne Bennett
CAMS, CAFP
Harold B. Garrett Jr., CPA, CIA, CISA

Harold B. Garrett, Jr., CPA, CIA, CISA brings 25+ years of financial services experience. Prior to NETBankAudit, Harold served as Chief Executive Audit Officer for community banks, mortgage and trust companies, managing risk management functions.

Director of Audit Services
Harold B. Garrett Jr.
CPA, CIA, CISA
Chris Poteat, CISA, CISM

Chris Poteat, CISA, CISM offers 16+ years in IT practices and auditing. Prior to NETBankAudit, Chris worked with a regional accounting firm as a Senior IT Audit Manager, focusing on financial institutions and healthcare companies.

Director of Audit Services
Chris Poteat
CISA, CISM
Dennis Rowan, CISA

Dennis Rowan, CISA contributes 30+ years of enterprise technology audit experience. Prior to NETBankAudit, Dennis led a team of IT Auditors at Capital One, conducting audits on various banking applications and systems.

Director of Audit Services
Dennis Rowan
CISA
Chris Shields, CISA, CISM, CGEIT, CRISC, CDPSE, CAP, SSCP, CAMS

Chris Shields, CISA, CISM, CGEIT, CRISC, CDPSE, CAP, SSCP, CAMS brings 25+ years of experience in IT auditing, risk management, and Model Validations. Prior to NETBankAudit, Chris ensured operational and security compliance for various government agencies and audited community-based financial institutions across the United States.

Director of Audit Services
Chris Shields
CISA, CISM, CGEIT, CRISC, CDPSE, CAP, SSCP, CAMS
Joseph Spoolstra, CISSP

Joseph Spoolstra, CISSP serves as Director of Testing Services with 15+ years of experience in the financial services industry. Prior to NETBankAudit, Joseph supported clients with data analytics and reporting solutions for audit, risk, and technical testing products.

Director of Testing Services
Joseph Spoolstra
CISSP
Michael Young, CISA, CISSP, MCSE: Security

Michael Young, CISA, CISSP, MCSE: Security brings over 35 years of experience in Information Technology, with the last 20 focused on Information Security Management. Prior to NETBankAudit, Mike was the Director of Technology for a community bank in Florida and Information Security Engineer for a major US Airline.

Director of Audit Services
Michael Young
CISA, CISSP, MCSE: Security
Patrick Cowen, CPA, CISA, CIA

Patrick Cowen, CPA, CISA, CIA has worked in internal auditing since 2010 and in IT Auditing since 2014. Prior to NETBankAudit, Patrick spent the bulk of his career in banking at the branch level and is active in AGA, serving on national committees and as a board member.

Senior IT Auditor
Patrick Cowen
CPA, CISA, CIA
Vince DeHart, CISA, CISSP, CRISC, CGRC

Vince DeHart, CISA, CISSP, CRISC, CGRC brings over 15 years of experience in auditing with a background in information technology. Prior to NETBankAudit, Vince held roles in management, security, support, and application development within various sectors including financial services and government.

Senior IT Auditor
Vince DeHart
CISA, CISSP, CRISC, CGRC
Robert Jenkins, CISA, CISSP

Robert Jenkins, CISA, CISSP brings over 20 years of experience as an IT auditor and FRB bank examiner. Prior to NETBankAudit, Robert provided IT audit services to banks, law firms, and healthcare providers using ISACA/COBIT audit methodology.

Senior Auditor
Robert Jenkins
CISA, CISSP
Deborah King, CISA, CISSP, MCSA, CAFP

Deborah King, CISA, CISSP, MCSA, CAFP contributes over 30 years of experience in the community banking industry. Prior to NETBankAudit, Deborah held positions including Information Security Officer, Security Officer, and IT Manager.

Senior Auditor
Deborah King
CISA, CISSP, MCSA, CAFP
Richard Lee, CISA

Richard Lee, CISA offers 17 years of audit experience. Prior to NETBankAudit, Rick worked for the Federal Home Loan Bank of Boston as a Senior Information Systems Auditor, conducting COBIT-based audits and performing SOX testing.

Senior Auditor
Richard Lee
CISA
Heraa Mirza, CRCM, CAMS

Heraa Mirza, CRCM, CAMS has over 8 years of experience in banking within Compliance, Operations, Security and Audit. Prior to NETBankAudit, she held positions in community banking with responsibilities for BSA/AML compliance and team management.

Senior Auditor
Heraa Mirza
CRCM, CAMS
Tyrone Parker

Tyrone Parker brings over seven years of experience in the financial services industry. Prior to NETBankAudit, Tyrone's experience included AML Fraud Investigation, Audit, Regulatory Compliance, Operations, and Project Management.

Associate Auditor
Tyrone Parker
Luis Reyes, CISA

Luis Reyes, CISA contributes over 25 years of audit, consulting, and managing experience in the financial services industry and government sector. Prior to NETBankAudit, Luis served as an Information Security Officer for a $1.3 billion financial institution.

Senior IT Auditor
Luis Reyes
CISA
Glen Sexton, CISA, CRISC

Glen Sexton, CISA, CRISC brings over 20 years of experience in IT audits within the financial services, energy, and government sectors. Prior to NETBankAudit, Glen managed the audit process for a national financial industry core processing service and software provider.

Senior IT Auditor
Glen Sexton
CISA, CRISC
Matthew Gregory, CISSP

Matthew Gregory, CISSP contributes over 20 years of experience in telecommunications services and network infrastructure. Prior to NETBankAudit, Matt's background included WAN, MPLS, VoIP, wireless, and traditional analog networks.

Systems Security Engineer
Matthew Gregory
CISSP
Deno Plumley, CISSP

Deno Plumley, CISSP brings over 20 years of experience in IT support and management. Prior to NETBankAudit, Deno provided outsourced support services for small to medium sized businesses, acting as the CIO.

Systems Security Engineer
Deno Plumley
CISSP
Tyler Sells

Tyler Sells offers 6+ years of experience serving the financial services industry and 8 years of general IT support. Prior to NETBankAudit, he worked at a regional community bank as a network engineer implementing and creating technical solutions.

Senior Systems Engineer
Tyler Sells
Joe Sharp, CISSP

Joe Sharp, CISSP brings over 18 years of experience serving the financial services industry. Prior to NETBankAudit, Joseph worked at a regional community bank in both IT and Cybersecurity roles.

Systems Security Engineer
Joe Sharp
CISSP
Jamie Johnson

Jamie Johnson contributes ten years of banking experience. Prior to NETBankAudit, Jamie held positions of vault teller, assistant manager, and relationship banker at various banking and credit union industries.

Senior Relationship Manager
Jamie Johnson
Brian Lange

Brian Lange began his financial career in investment services and has served in various community banking leadership capacities over the past two decades. Prior to NETBankAudit, Brian focused on branch management and relationship development.

Senior Relationship Manager
Brian Lange
Ingo Schrodel

Ingo Schrodel brings 15 years of experience in the financial services industry. Prior to NETBankAudit, Ingo worked for large, complex financial institutions in a leadership capacity, managing high-value clients, branch administration, operations, and compliance.

Senior Relationship Manager
Ingo Schrodel

Mitigate Risks with Comprehensive Audits & Assessments

Request For Proposal
“We appreciate working with professionals respected in the financial services community for their individual expertise and attention to detail”
Teresa Wetly
SVP Internal Audit Manager @ Capital Bank

FAQs

Our goal is to equip institutions with the knowledge needed to make informed decisions, strengthening your compliance, security, and operational efficiency.

Ask Question
All FAQ's
How can financial institutions avoid regulatory criticism relating to their AML Monitoring systems?

Transaction monitoring systems are sometimes inadequately calibrated, resulting in too many false positives. This may impair the detection of potentially suspicious activity. Also, if a system is generating too few alerts, unusual activity may be undetected. A regularly scheduled review by an independent party and thorough analysis of filters and settings can ensure the transaction monitoring system is effective and performing as designed.

What are change management best practices in a cloud environment?

Change management in cloud environments offers unique challenges over on-premises technology environments due to the underlying cloud platform changes. Organizations need to have a solid understanding of what aspects of the cloud environments are being used and a current inventory should be maintained. Monitoring notifications and alerts on changes from the cloud provider should be performed and assessed if the changes will impact the organization's services. When impactful changes are identified technical staff should communicate these to the end users and perform training as needed. Traditional change management procedures should also be performed such as documenting user access changes, obtaining authorization for adding new services, and routine review of services and removing inactive assets.

What services does NETBankAudit offer?

NETBankAudit is a specializes in cybersecurity and regulatory compliance. We offer audits, testing, and consulting services. We perform over 250 IT/Operations and Regulatory Compliance Audits per year. We perform over 700 external and internal network vulnerability assessments with penetration testing per year. Our consulting primarily consists of risk assessment facilitation, model validations, program development, and Project Management/SDLC oversight.

How long has NETBankAudit been in business?

NETBankAudit was formed in 2000 by a team of IT bank executives and regulatory specialists. Convinced that advancements in information technology would significantly affect the future of banking, particularly in the movement of money and data through electronic channels, the team resolved to help bankers adjust to this changing environment. Since then, we have expanded to service over 800 institutions across 38 states.

Can NETBankAudit provide remote audit and consulting services?

Yes, NETBankAudit has been a virtual company since inception. We provided our first fully remote IT General Controls Audit in 2017 and validated our processes through the COVID Pandemic. Our remote audits are approved by all regulatory authorities.

What is Value-Add Management Consulting?

NETBankAudit provides a value-add approach to our audit process to serve as a true audit partner. Every auditor on our team has senior/executive level banking, operational, and/or regulatory experience in addition to certified auditing expertise. This provides our auditors with an informed perspective to prioritize recommendations to increase effectiveness, efficiency, and compliance.

Ask a Question
Thank you! We will email you the answer to your question shortly!
Oops! Something went wrong while submitting the form.
NETBankAudit Logo PNG
2024 NETBankAudit. All Rights Reserved.
Privacy PolicyTerms of Service