Mastering the FFIEC Cybersecurity Assessment Tool

The Cybersecurity Assessment Tool is the most significant regulatory publication released in years, and this session will provide the processes necessary to fully utilize its results. Completing the Cybersecurity Assessment Tool (CAT) is a critical step in maintaining compliance with FFIEC guidance. However, completing the CAT is only one of the steps in a series of necessary process enhancements. This session will review the expectations established within the CAT guidance, review how the assessment tool works, and provide answers with insight surrounding issues that have surfaced.

Join us to explore the governance side of cybersecurity with documented policies and how to effectively integrate cybersecurity into your audit processes.

Covered Topics:

  • Cybercrime overview
  • Board/CEO cyber responsibilities 
  • FFIEC Inherent Risk Process
  • FFIEC Cybersecurity Maturity
  • Regulatory requirements to complete
  • Setting Cyber Risk Appetite
  • Gap Analysis and other steps after the risk assessment
  • Cyber Policy and Programs 
  • Cyber Auditing
  • What to expect next 

Who Should Attend?

Information Security Officers, IT Managers, Risk Officer, Internal Auditors, Board members, or other management team members looking for a solid understanding of the cybersecurity assessment process.