Overview[]
The FFIEC Cybersecurity Assessment Tool helps financial institutions identify their risks and determine their cybersecurity preparedness. The Assessment provides a repeatable and measurable process for financial institutions to measure their cybersecurity preparedness over time.
The following resources can help management and directors of financial institutions understand supervisory expectations, increase awareness of cybersecurity risks, and assess and mitigate the risks facing their institutions.
- Overview for Chief Executive Officers and Boards of Directors
- Cybersecurity Assessment Tool (Update May 2017)
- User's Guide (Update May 2017)
- Inherent Risk Profile (Update May 2017)
- Cybersecurity Maturity (Update May 2017)
Additional Resources:
- Appendix A: Mapping Baseline Statements to the FFIEC IT Handbook (Update May 2017)
- Appendix B: Mapping to NIST Cybersecurity Framework
- Appendix C: Glossary