Woodland Bank Case Study – Scout for ‘what-if’ analysis
Woodland Bank Secures New Loan Production Office
Woodland Bank is a family owned institution with a 90-year history of service to the families and businesses of Minnesota. With six branch locations throughout the north central region of the state, the bank has established itself as a modern, forward-thinking organization. Woodland Bank opened a separate loan production office, supporting increased residential and commercial development in their area.
The Bank’s Challenge
Woodland Bank was planning to open a loan production office and needed to initiate proper security measures that would protect its customers and comply with regulatory requirements. Even though the office wouldn’t process cash, the bank still needed to secure customer information stored on the server and desktops. Chief Operations Officer, Jenn Spartz, understood the security challenges but needed to communicate this unique environment to her board. She turned to Scout to create a hypothetical risk scenario that would not only double-check her own risk expectations but then help the board decide whether or not to make a deeper investment.
Woodland Bank’s Scout Solution
Woodland Bank had already been using Scout for risk assessments across its six existing locations. That meant COO Jenn Spartz had a strong head start on evaluating the new office’s needs. Scout streamlined the process, enabling her to copy common asset features (such as network information) from existing branches to a risk assessment for the new office. After that it was a matter of simple edits to create a risk assessment consistent with the new facility’s intended design and purpose.
While management understood the loan production office would be different than a full service branch, going through the Scout risk assessment clarified the differences. Not only did Scout help document the risks that were atypical of a traditional branch, it allowed the risk team to test the impact of various security controls and refine facility design.
Highest ROI. Using Scout as a ‘what if’ tool helped the team assess and evaluate additional security measures such as a stronger server room door and more locks. Because the risk assessment revealed vulnerabilities that meant the bank would have to allocate more money, the team wanted to find those security upgrades that would provide the highest return on investment.
Board Approval. Once the risk assessment was complete and recommendations established, the COO used Scout’s graphical reporting tools to present her case to the board. Scout allowed her to illustrate the risk environment and security options in a visual format the board could readily understand.
Upon review, the board agreed that additional controls were required. Scout gave them the information they needed to step back before build-out plans were complete and implement additional security controls that would address the uniqueness of the new loan production facility.
Scout also assisted the bank in meeting a basic regulatory requirement for board oversight. Once the board understood the risk environment, members opted to accept certain risk elements instead of mitigation. The risk environment was understood, communicated, and acknowledged—as required—giving the bank a strong foundation for future security planning.
“The board wasn’t thinking about all the information that’s housed on our networks. Scout helped me put it in perspective for them, and they allocated funds to put additional security in place.” – Jenn Spartz
After implementing Scout, Woodland Bank realized numerous benefits including the following:
Spent less administrative time compiling the risk assessment. Woodland Bank’s risk officer spent approximately eight hours on the entire risk mitigation process from initial risk assessment, to risk team meetings and board reporting. This is a fraction of what the process would have required under their old spreadsheet system.
Increased facility security by identifying vulnerabilities and presenting the board with a clear picture of the risk environment.
Minimized security spending by focusing on those controls that would provide the biggest impact for the dollars invested.
Earned examiner approval during an annual audit of the bank’s primary branch locations and established a strong foundation of risk assessment information for the new production office.
Capture Your Risk with Scout
Scout is a web-based risk assessment dashboard that automates the risk assessment process, tracks security controls, and simplifies the compliance process.
Compliance requirements are increasing. Stop trying to piece together information from a collection of unconnected spreadsheets. Get best practice templates, create clear proof-of-compliance logs and receive automated review schedules.
Scout gives you these competitive advantages:
- Reduce time spent on compliance
- Eliminate costly duplication of effort
- Spend less by identifying the highest ROI
- Gain useful business information for meaningful security
- Meet compliance requirements and enjoy smoother exams
The end result is better information security and business continuity—anything less can cost your institution untold amounts in reputational damage, fines and crisis response costs. Proactive mitigation is essential to longterm success.
Scout includes integrated modules for GBLA, controls audit, Red Flags, Vendor Management and BSA.
To learn more about Scout,
call 608.785.7101 or visit
WoodlandBankCaseStudy.pdf application/pdf Object.
