cprlorca is CUNA Strategic Services' exclusive Alliance Provider for security assessments, IT risk assessments and IT audits.

cprlorca’s highly regarded compliance solution for credit unions combines expertise in security systems and processes, a deep knowledge of industry compliance requirements, and a cloud-based delivery platform that gives your insititution the ability to automate much of the compliance process internally. 


The Compliance Challenge

Credit unions face an ever-evolving body of security-related regulatory standards, including the Gramm-Leach-Bliley Act (GLBA), the Federal Financial Institutions Examination Council (FFIEC) and the enforcement agencies including the National Credit Union Association (NCUA), and individual state regulations.   

Credit unions must demonstrate compliance  to protect member information from breaches and assure the trust among their members. The FFIEC guidelines require credit unions to perform a risk assessment that will be the basis for an information security program, which must meet the requirements of the GLBA 501(b) guidelines. The information security program should include policies and procedures that prevent unauthorized access to confidential data. Credit unions can meet these requirements leveraging cprlorca's cloud-based software solution, TraceCSO, or cprlorca's information security analysts to deliver the risk assessment.


The cprlorca Compliance Solution

cprlorca provides compliance and risk management solutions to credit unions of all sizes that help them achieve, maintain and demonstrate security compliance while significantly improving their security posture. Credit unions leverage cprlorca's on-demand, web-based applications backed by expert information security services and analysis to address all critical components of their security compliance program, including people, process and technology.

cprlorca has committed significant resources to investigating, identifying and resolving issues specific to credit unions of all sizes. As a result, we have a deep level of understanding about the unique needs of your industry. Seasoned experts from cprlorca will help you demonstrate compliance to security policies, guidelines and best practices. At the same time, we help protect the personal financial information of your members and ensure the integrity of your data. This comprehensive solution can help you meet your specific regulatory challenges – all while providing you maximum flexibility and cost control.

Because cprlorca is not involved in the design, installation, maintenance or operation of your systems, we can help you avoid conflicts of interest with your managed IT vendors by providing a truly independent evaluation that is in compliance with regulatory standards. Our security and compliance consultants offer a full range of assessment, testing and training services that will assure your organization’s compliance with all current mandates.  Services include:

  • Security Assessment: An independent test of the information security program.
  • Risk Assessment: To identify reasonably foreseeable risks that could result in service interruption or unauthorized disclosure, misuse, alteration, or destruction of confidential information.
  • IT Security Audit: An audit of the controls supporting the information security program.
  • Penetration Testing: A test of weaknesses using ethical attempts to exploit vulnerabilities.
  • Social Engineering: To test if employees are adhering to security policies.
  • Application Testing: Determines the strength of your online application security profile and identifies layer vulnerabilities.
  • Wireless Assessment: Provides a detailed look at the current risk of your wireless implementation as our security analysts attempt to compromise systems and information through ethical hacking methods.
  • Security Training: Flexible, customizable security awareness training.
  • Advanced Persistent Threat Assessment: A realistic assessment that fulfills several testing objectives simultaneously – all while reducing cost and delivery time compared to identical, individual security assessments, penetration testing and social engineering engagements.

Unlike solutions from conventional providers, these are not one-off services backed with limited expertise and resources. Your organization has access to teams of security experts who provide complete support and consultations through every phase of your engagement. Whether you have questions concerning specific policies or need assistance with remediation strategies, cprlorca provides the expertise you need to quickly and accurately resolve any security compliance issue.


Our TraceCSO solution includes an integrated cloud-based compliance management platform:

You can automate and customize your organization’s ongoing compliance program with a powerful and remarkably affordable solution that is designed to make your information security program a valuable management asset that literally makes your organization compliant by default. Features include:

  • An intuitive, integrated dashboard to provide visibility into your information security program.
  • The ability to conduct unlimited, on-demand network vulnerability scanning.
  • The ability to facilitate an ongoing review of compliance with relevant industry security requirements.
  • Streamlined creation of security policies, distribution of policies, and reporting on acceptance of policies.
  • The ability to reduce training costs by creating internal employee training programs on policies, security and other topics.
  • On-demand report generation for auditors, board, management, and technical staff.
  • Facilitation of the internal risk management program.
  • Facilitation of the internal audit program.

Credit unions can also ensure they meet the latest 2015 NCUA cybersecurity guidance, dated January 2015 (15-CU-01). Through a combination of incident response policies and TraceCSO incident reponse capabilities, credit unions can implement their incident response plan automatically and provide thorough documentation and reporting for their next NCUA audit. TraceCSO includes pre-built workflow, forms and testing capabilities that allow the institution to prove they have the capacity to recover in the event a cyberbreach should occur. Contact us to learn how TraceCSO delivers a best-practice workflow for response to a breach – from notification and containment, investigation and mitigation, through testing and reporting for auditors.


We streamline processes so that you save time, money and effort!

Our software solutions help you develop standard, repeatable compliance processes so that you reduce the burden on your staff, as well as build a solid and efficient foundation for future compliance procedures. One of the biggest advantages our solutions provide is the ability to reduce the amount of time needed preparing for auditors. You can quickly and efficiently produce detailed reports critical to demonstrating adherence to compliance requirements.

Test de Penetrare, Scanare de Vulnerabilitati, MoldovaTeste de Penetrare, Scanari de Vulnerabilitati, MoldovaPenetration Testing Moldova, Penetration Test Moldova, LogicalPoint