Web Analytics

"New Cybersecurity Assessment Tool"

Article

The Federal Financial Institutions Examination Council recently published its Cybersecurity Assessment Tool (Assessment) to help financial institutions identify cybersecurity risks and determine the institution’s preparedness through a repeatable and measurable process over time.

We share it with our data privacy audience because its value is not limited to financial institutions. It is a thoughtful, structured process that many companies could use to evaluate and improve their cybersecurity preparedness if they are not subject to other specific regulatory requirements. This tool was developed for financial institutions due to their inherent risks and their dependence on information technology, their interconnectedness, and their evolving cyber threats—factors not unique to financial institutions.

Note that the tool contains an overview for the institution’s board of directors and senior management and questions to assist in the assessment process, which clearly shows the trend of making cybersecurity a senior management and board responsibility. As we’ve discussed in a previous blog, boards of directors and senior management, regardless of institution size or industry, will need to continue to focus on cybersecurity issues.

As we discuss in more detail in our client alert, the Assessment consists of two parts: “inherent risk profile” for determining the levels of inherent risk and “cybersecurity maturity” to measure the applicable controls.

Have you assessed your company’s cybersecurity risks?

Follow Quarles

Subscribe Media Contact
Back to Main Content

We use cookies to provide you with the best user experience on our website and to analyze statistics related to our website. To understand more about how we use cookies, or for instructions to change your preference and browser settings, please see our Privacy Notice. Please note that if you choose to reject cookies, doing so may impair some of our website's functionality.