Docstoc

Red Flags Risk Assessment Template

Document Sample
Red Flags Risk Assessment Template Powered By Docstoc
					                                                                                                                                                   TEMPLATE
                    Red Flags Rule                                                                                  Affiliate:_____________________________
             ____ Initial Self - Assessment
             ____ Annual Self - Assessment                                                                                        Date: ____________________

                                                                                                                 COMMENTS
                                                                                    (ie: process in place, pending procedure, pending training, etc., or address
                                            √ Completed    X Pending                                        mitigation of actual event.)



            1. Types of Covered Accounts - Inventory?
                ie: Monthly billing plans
                ie: Collection accounts
                ie: Student loans
                ie: Active / Inactive account classifications


            2. Methods Used to Open Covered
               Accounts - Implemented?
                ie: Authenticate student identity
                ie: Process of setting up a payment plan
                includes verifying identity
                ie: Challenge questions used in suspicious
                circumstances




            3. Methods Used to Maintain
               Existing Accounts - Implemented?
                ie: Authenticate students phone/mail from
                internet by confirmation of personal
                information
                ie: Verify validity of change of address
                request.
                ie: Consider using passwords, PIN numbers,
                etc. for identification purposes


            4. Responding to Red Flag
               Events - Implemented?
                ie: Contacting the student
                ie: Changing passwords, security codes, or
                other ways to access a covered account
                ie: Closing an existing account
                ie: Re-opening account with a new account
                number
                ie: Not opening a new account
                ie: Not trying to collect on account or not
                sending account to collection
                ie: Determining no response is warranted
                under particular circumstances



4/10/2012                                                     C:\Docstoc\Working\pdf\4947f491-dcc7-4e1b-9432-5eb5927cd39d.xls                                      Page 1 of 4
                                                                                                                                                TEMPLATE
                    Red Flags Rule                                                                               Affiliate:_____________________________
             ____ Initial Self - Assessment
             ____ Annual Self - Assessment                                                                                     Date: ____________________

                                                                                                              COMMENTS
                                                                                 (ie: process in place, pending procedure, pending training, etc., or address
                                            √ Completed    X Pending                                     mitigation of actual event.)


            5. Evaluation of the Identity Theft
               Prevention Program - Reviewed?
                Annual review of policies
                Assess education needs
                Monitor program in high risk areas
                Update program as technology changes and
                red flag identification identifies areas of
                weakness in program



            6. Activities of Contracted Service
               Providers - Reviewed?
                Service Provider Contracts reviewed to require
                process to detect, investigate, mitigate
                identity theft




            Some Examples of Red Flags:
               Student questions bill
               Alert via credit report
               Student has a Social Security number (SSN)
               but no card
               Potential altering of identification presented
               Address discrepancy
               Duplicate SSN, Address, Phone
               Inactive account used again
               Presentation of suspicious documents
               Covered Account # or type - student
               presented with a different name on
               identification card.
               Notification of an identity theft
               Unusual use of, or other suspicious activity
               related to, a covered account




4/10/2012                                                  C:\Docstoc\Working\pdf\4947f491-dcc7-4e1b-9432-5eb5927cd39d.xls                                      Page 2 of 4
Red Flags Risk Self - Assessment                         Source:
Review of Training and Education                         Sample:
                                   Legend                Purpose:

                                      Y                  Procedure:

                                      N                  Conclusion:   Refer to results below.

                                     N/A




                Element            RESPONSE   COMMENTS
Refer to results below.

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:25
posted:4/10/2012
language:English
pages:4