FFIEC Update: Cybersecurity Assessment Tool

Businesspeople discussing cyber security
Cybersecurity is a growing concern, particularly among highly regulated industries such as finance. In February, the Federal Financial Institutions Examination Council (FFIEC) urged financial organizations to prepare for cyber risks in an appendix to its IT Examination Handbook. The FFIEC is continuing its push for better cybersecurity practices through the release of its new Cybersecurity Assessment Tool.

The tool walks organizations through completing a risk assessment, which involves determining an organization’s inherent risk profile and cybersecurity maturity levels within five domains:

  • Cyber Risk Management and Oversight
  • Threat Intelligence and Collaboration
  • Cybersecurity Controls
  • External Dependency Management
  • Cyber Incident Management and Resilience

As threats, vulnerabilities and operational environments evolve, FFIEC members plan to update the tool as necessary. To access the tool and related documents, visit ffiec.gov/cyberassessmenttool.htm.

Popular Posts