Security Compliance Associates

Security Compliance Associates (SCA) will conduct an evaluation of the measures the institution employs to provide for the physical security of the institution's information systems as well as consumer information and vital records maintained on other media, i.e. paper, microfiche, CD's, flash drives, etc.

SCA will review and assess the client's deployment and use of alarm systems, surveillance systems, access controls, vendor/visitor controls and oversight and management of couriers and janitorial personnel.

SCA will review and assess eleven key issues within three broad areas critical to effective data facility security. They are:

Administration

• Identification
• Courier/Message Service
• Janitorial Services
• Access Controls

External Conditions

• Exterior Lighting
• Roof Access
• Air Ducts
• Exterior Doors

Vital Records and Information Security

• Server Room

• Media Storage and Protection

Keeping in mind the phrase, "you're only as strong as your weakest link". SCA will attempt to penetrate non-public areas of the facility during and after business hours, attempt to gain access to employees' computers, attempt to gain access to sensitive documents and information stored on other media and will conduct e-mail phishing to test and evaluate employee security awareness and response within the scope proper company and compliance.