FFIEC Cybersecurity Assessment Tool Update – New Version of the Cybersecurity Assessment Workbook Released

May 31, 2017

On May 31, 2017, the FFIEC announced an update to the Cybersecurity Assessment Tool which includes a change within the cybersecurity maturity section of the tool and an updated mapping of the baseline statements to the FFIEC IT Examination Handbooks.

The update to the cybersecurity maturity section of the tool allows institutions to select “Yes with Compensating Controls”, meaning that an institution has implemented a control or controls that protect an information system in a manner that is comparable or equivalent to a recommended security control within a declarative statement. Appendix A was revised to incorporate the updates to the Information Security and Management booklets.
Version 2.0 of the Cybersecurity Assessment Workbook (see below) incorporates the changes within the cybersecurity maturity section of the tool, as well as the content of Appendix A.

Cybersecurity Assessment Workbook
(#310) – $299

This electronic workbook allows a financial institution to easily complete the FFIEC Cybersecurity Assessment Tool and generate the needed summaries for analysis and board reporting. The workbook is setup with two main sections: 1) Inherent Risk Profile and 2) Cybersecurity Maturity.

Inherent Risk Profile. Includes five worksheets for the five categories of inherent risk identified in the Cybersecurity Assessment Tool. This section also contains a summary worksheet to assist the reviewer with the identification of an Overall Inherent Risk Profile.

Cybersecurity Maturity. Includes five worksheets for the five domains identified by the Cybersecurity Assessment Tool. A summary worksheet for each of the five domains allows the reviewer to identify the maturity level for each domain.

Easy to Use and Understand
All of the required data entry is completed through the use of drop down boxes and provisions are included to allow the reviewer to enter notes and comments as needed throughout the workbook. Colorful summaries are included to simplify analysis and include in a report to the Board.

The Cybersecurity Assessment Workbook is available for $299.

To Order: Click Here.

Get Our Insights

Connect with a consultant

Contact us to learn more about our consulting services and how we can add value to your financial institution