-
FFIEC Cancels E-Banking Handbook
On May 13, 2022, the FFIEC very quietly rescinded the FFIEC Information Technology Examination Handbook (IT Handbook) booklet entitled E-Banking. The original booklet was released in 2003 and was accompanied by a flurry of activity by financial institutions to come up with a separate E-banking policy and risk assessment. In effect, the FFIEC is now…
-
FFIEC Cybersecurity Assessment Tool Update
The FFIEC recently released a long-awaited update to the Cybersecurity Assessment Tool, and we think overall it is a relatively minor but useful evolution. But before we get into the details of what the update does address, it’s important to note that it did not address the ambiguity issues that plague the current assessment. One…
-
Ask the Guru: How Can I Best Determine My Cyber Risk Profile?
Hey Guru! We just completed the Cybersecurity Assessment, so now we have our current risk and control maturity levels identified. Can we draw any conclusions about our average risk and control levels? For example, most of our risks are in the Least and Minimal areas, but we do have a few Moderate as well. Can we…
