FFIEC Releases Cybersecurity Assessment Tool
The Federal Financial Institutions Examination Council (FFIEC), on behalf of its members, today released a Cybersecurity Assessment Tool (Assessment) to help institutions identify their risks and assess their cybersecurity preparedness.
Financial institutions of all sizes may use the Assessment and other methodologies to perform a self-assessment and inform their risk management strategies. The release of the Cybsercurity Assessment Tool follows last year’s pilot assessment of cybersecurity preparedness at more than 500 institutions. The FFIEC members plan to update the Assessment as threats, vulnerabilities, and operational environments evolve.
In addition to the Assessment, the FFIEC has also made available resources institutions may find useful, including an executive overview, a user’s guide, an online presentation explaining the Assessment, and appendices mapping the Assessment’s baseline maturity statements to the FFIEC Information Technology Examination Handbook, mapping all maturity statements to the National Institute of Standards and Technology's Cybersecurity Framework, and providing a glossary of terms.
The FFIEC members are also encouraging institutions to comment on the Assessment through an upcoming Paperwork Reduction Act notice in the Federal Register.
The FFIEC provides several resources to further awareness of cyber threats and help financial institutions improve their cybersecurity. These resources are available on the FFIEC website at http://www.ffiec.gov/cybersecurity.htm
The FFIEC was established in March 1979 to prescribe uniform principles, standards, and report forms and to promote uniformity in the supervision of financial institutions. The Council has six voting members: a Governor of the Board of Governors of the Federal Reserve System designated by the Chairman of the Board, the Chairman of the Federal Deposit Insurance Corporation, the Chairman of the Board of the National Credit Union Administration, the Comptroller of the Currency, the Director of the Consumer Financial Protection Bureau, and the Chairman of the State Liaison Committee. The Council's activities are supported by interagency task forces and by an advisory State Liaison Committee, comprised of five representatives of state agencies that supervise financial institutions.