Cybersecurity Assessment Tool

Posted byIR Press Leave a comment on Cybersecurity Assessment Tool

FIL-28-2015
July 2, 2015

Cybersecurity Assessment Tool

Printable Format:

FIL-28-2015 – PDF (PDF Help)

Summary:

The FDIC, in coordination with the other members of the Federal Financial Institutions Examination Council (FFIEC), is issuing the FFIEC Cybersecurity Assessment Tool to help institutions identify their cybersecurity risks and determine their preparedness.

Statement of Applicability to Institutions with Less than $1 Billion in Total Assets: This Financial Institution Letter (FIL) is applicable to all FDIC-supervised institutions.

Highlights:

  • The Cybersecurity Assessment Tool has been developed by the FFIEC members in response to requests from the industry for assistance in determining preparedness for cyber threats. Use of the Cybersecurity Assessment Tool is voluntary.
  • The Cybersecurity Assessment Tool provides a way for institution management to assess an institution’s inherent risk profile and cybersecurity maturity to inform risk management strategies.
  • The Cybersecurity Assessment Tool and a variety of supporting resources, including an executive overview, user’s guide and instructional presentation, are available on the Cybersecurity Awareness page of the FFIEC.gov website at https://www.ffiec.gov/cybersecurity.htm.
  • Also available is a mapping of the Cybersecurity Assessment Tool to the Cybersecurity Framework issued by the National Institute for Standards and Technology and a mapping of the Baseline Statements of the Cybersecurity Assessment Tool to the FFIEC Information Technology Handbook.
  • FDIC examiners will discuss the Cybersecurity Assessment Tool with institution management during examinations to ensure awareness and assist with answers to any questions.
  • The FDIC encourages institutions to comment on the usability of the Cybersecurity Assessment Tool, including the estimated number of hours required to complete the Assessment, through a forthcoming Federal Register Notice.
  • FDIC-supervised institutions may direct questions on the FFIEC Cybersecurity Assessment Tool through https://fdicsurveys.co1.qualtrics.com/jfe/form/SV_4JgpIWXWB9Gjps1

Related posts:

  1. Regulatory Capital Rules
  2. Simplifications to the Capital Rule Pursuant to the Economic Growth and Regulatory Paperwork Reduction Act of 1996
  3. Military Lending Act: Interagency Consumer Compliance Examination Procedures, DOD Interpretive Rule, and the FDIC’S Supervisory Expectations
  4. Changes to Deposit Insurance Assessments

Leave a comment

Your email address will not be published. Required fields are marked *