Consulting + Professional Services    

At MM&T, we understand the disaster recovery, business continuity, and regulatory compliance planning issues, challenges, and risks your institution faces every day, at every level. Our team works directly with yours to develop, implement, test, and maintain comprehensive strategies, designed to satisfy internal and external requirements. Our goal is to instill a culture of compliance throughout your institution, so that all involved parties:

  • UNDERSTAND regulations & their implications
  • IMPLEMENT compliant procedures for departmental processes
  • MONITOR operations to ensure they remain in compliance
  • REFRESH knowledge & keep abreast of developments

What Can We Do For Your Institution?
Business Continuity Planning
Enterprise-Wide Risk Assessment
Vendor Management

Business Continuity Planning consulting

Prepare for a timely & full recovery from any catastrophic event

At MM&T, we prepare your institution to get business back on track after any disaster. We
work with your staff to develop a comprehensive, practical business continuity strategy,
customized to meet the unique needs of your institution.

Our five-phase approach for business continuity and disaster recovery planning addresses
all FFIEC requirements:

  • BCP Catalog
  • Business Impact Analysis
  • Disaster Recovery Tasks
  • Supporting Documentation
  • Risk Monitoring/BCP Maintenance

Once development is complete, you will receive your business continuity plan in our innovative
browser-based format designed for simple, electronic back-up and distribution.

Return to Top

Enterprise-Wide Risk Assessment consulting

Identify and mitigate internal & external operational risk

With the expertise of our team and yours, we create solutions that instill confidence that risks
are being effectively controlled throughout your institution. After undergoing a comprehensive
risk assessment exercise, we help you identify operational risks—specific to your
institution—by examing:

  • Applications & IT Domain
  • Controls at Risk
  • Products, Services & BSA
  • Policies & Procedures

After the assessment, we recommend practical, cost-effective ways to mitigate these risks.
We also work with your auditors and regulatory examiners to ensure that FFIEC and NCUA
requirements are adequately addressed.

For existing CAPlus and BCP clients, we conduct risk assessments using data gathered during
the business continuity plan process—saving your institution time and money.

Return to Top

Vendor Management consulting

Assess and monitor risk for internal & external resources

Our vendor management experts help your institution categorize, assess, and maintain regulatory compliance requirements for vendors and service providers. We work with key personnel from
each department of your institution to identify which vendors require no assessment, contract tracking only, or a full assessment. For those requiring a full assessment, we help determine:

  • Effectiveness of controls in place
  • Financial risk
  • Complexity of service
  • Ability of the institution to provide service itself
  • Availability of alternative vendors
  • Speed in which the institution can change vendors (if necessary)
  • How critical the vendor is to services/operations
  • GLBA, SAS70, and Red Flag requirements
  • Ways to mitigate identified risks
  • And more

Return to Top