Pivot group

In a world in which Cyber Security can never be taken for granted, organizations must be positioned to handle the unexpected. To support the ever-increasing Cyber Security needs of credit unions, LEVERAGE has teamed with PIVOT Group to focus on effective solutions for auditing, assessments, and compliance services. PIVOT Group has a long history of providing Cyber Security solutions in order to protect data and systems, and comply with Information Security and Data Privacy regulations

The PIVOT Group is dedicated to protecting today’s credit unions from the multitude of current and emerging security threats and has developed compliance offerings that incorporate analysis and execution of the following elements:

  • Vulnerability Testing
  • Penetration Testing
  • IT Security Control Assessment
  • Cyber Security Risk Assessment
  • Information Security Training

PIVOT Group is the only neutral firm that solely focuses on Information Security services. Rather than selling or reselling technology, our unique organization redefines Information Security by tailoring solutions. We take the fear out of Information Security and help Credit Unions make it a business enabler and competitive advantage. Our international consultant practice delivers the complete life cycle of security services that meet the business, resource, and regulatory requirements of our clients through working with our clients on the following elements:

  • Meet NCUA Reg 748 A&B Requirements
  • Meet Data Privacy State, National, and Regulatory Compliance
  • Audit and Test Human, IT, and Physical Controls
  • Audit and Test Incident Response Programs
  • Identifying Cyber Security Risks
  • Provide Real Life Security Awareness Programs
  • Prepare Actionable Remediation Plans Prioritized by Criticality
  • Share Information Security Best Practices
  • Develop Executive Management Reporting on Audit Results and Business Risks


NCUA Guidelines under Reg 748A require each credit union to “Implement a comprehensive written information security program that includes administrative, technical, and physical safeguards.” In addition, the program needs to be assessed on a regular/required basis and adjusted accordingly based on the results of the assessments

PIVOT offers an education component to train all employees using the most up-to-date best practices for handling current threats and compliance requirements.

Yes. PIVOT’s services are provided based on your needs and time frames both pre-exam and post-exam.

PIVOT has created a Road to Successful Information Security Methodology.

  1. The first step is to “Look.” You should do a business assessment to identify critical information assets and internal and external threats and should perform a vulnerability assessment to evaluate risks.
  2. The second step is “Plan” or create a strategy based on those assessments.
  3. The third step is “Act.” PIVOT Group works with your team and your roadmap from the above steps to maintain a safe environment and meet regulatory compliance at your credit union.
  4. The final step is “Repeat.” Information Security is a process requiring continual assessments and improvements.

It depends on the size of the credit union, the complexity and sophistication of the IT infrastructure, and if the credit union has experienced any material changes or data compromise. A baseline line requirement for smaller credit unions is they should be performed at least once a year. For the medium to the largest credit unions they are performed quarterly, monthly, and sometimes weekly depending on the results of their Risk Assessments.

Request Resources

Resources include:

To fulfill your request, please provide the following:

* = Required field.