
Virtual CISO/CIO Services

The Virtual CISO/CIO service is designed to fulfil the role of Chief Information/Security Officer (CISO/CIO) for a credit union that needs knowledge and expertise in this area but may not require a full-time team member. The work objectives outlined would be key in driving a credit union’s strategic initiatives, ensuring IT team goals are met and maintaining regulatory compliance.

 

We work with your teams to gain an understanding of the current environment, business goals and objectives, as well as the challenges faced. From there, we will design a roadmap and annual plan to achieve the desired security posture and technology strategy. We operate as an extension of your team, seeking continuous improvement with opportunities for knowledge sharing and training.

 

Pricing is structured based on asset size and billed monthly over a three-year agreement. Overages and additional hours will be billed separately based on the estimates below.

 

CIO Services include:

  • Strategic Objectives – Up to 48 hours annually.

    • Three-year Strategic Technology Plan updated annually.

    • Three-year Technology budget updated biannually.

  • Regulatory Compliance – Up to 40 hours annually.

    • Information Security Risk Assessment.

    • Business Continuity/Business Impact Analysis.

    • Incident Response Program.

    • Comprehensive Information Security Program and Policies.

    • Annual Information Security Report for the Board.

  • Governance – Up to 8 hours annually.

    • Participation in IT steering committee meetings quarterly.

    • Quarterly board briefing (one-page summary report provided) covering:

      • Audit / Exam status.

      • Incidents/updates.

      • Project/initiative updates.

  • Monthly Team Meeting – Up to 24 hours annually.

    • Work with technical and management teams.

    • Updates on current and upcoming projects.

    • Track goals and objectives.

  • Audit/Examination Management – Up to 24 hours annually.

    • Coordinate preparation, Q&A, and reporting.

    • Guidance with remediation and response recommendations.

    • Tracked on an ongoing basis and updated regularly.

 

Optional additions to the program include Project Management, Tabletop Exercises, New Product Assessments/due diligence, NCUA ACET, management assistance (hiring, team development, etc.), incident response, etc.

 

Contact us today to learn more about the Virtual CISO/CIO Services package and to request a proposal with statement of work, customized to the specific needs of your credit union operations. Put our experience to work for you!


Strategic Technology Advisors - A CUSO serving Credit Unions!
