The Federal Financial Institutions Examination Council (FFIEC), on behalf of its members, today issued a frequently asked questions (FAQ) guide related to the Cybersecurity Assessment Tool (Assessment). The FAQ guide answers questions and clarifies points in the Assessment and supporting materials based on questions received by the FFIEC members over the course of the last year.
The FFIEC members developed the Assessment to help financial institutions’ management determine their risk profile and determine the institutions’ inherent risks and cybersecurity preparedness. The Assessment provides a repeatable and measurable process that financial institutions’ management may use to measure their cybersecurity preparedness over time. Use of the tool is voluntary, and financial institution management may choose to use the Assessment or another framework, or another risk assessment process to identify inherent risk and cybersecurity preparedness.
Management of financial institutions and management of third-party service providers are primarily responsible for assessing and mitigating their entities’ cybersecurity risk. Financial institutions can find the latest information about cybersecurity risk management at
www.ffiec.gov/cybersecurity.htm (opens new window)
WASHINGTON – Today, the U.S. Department of the Treasury (Treasury), as Chair of the Committee…
WASHINGTON—Today, the U.S. Department of the Treasury’s Community Development Financial Institutions Fund (CDFI Fund) and…
Washington – The findings from the annual survey of U.S. portfolio holdings of foreign securities…
WASHINGTON – The U.S. Department of the Treasury hosted a roundtable on October 30 with…
WASHINGTON – The United States and the People’s Republic of China held the sixth meeting…
WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned…