GET COMPLIANT

FFIEC Risk & Cybersecurity Assessment

Get a head start on your FFIEC Cybersecurity self assessment.

Schedule your no-risk security assessment

Man working on a computer with code overlaid on top of image

STN’s FFIEC Cybersecurity Assessment provides a Risk and Cybersecurity gap assessment based specifically on the FFIEC Cybersecurity Tool framework.

Step One

How We Do It

Utilizing our FFIEC CAT automated software, a STN Security Consultant will complete the entire FFIEC Cybersecurity Assessment in coordination with your team educating you how to conduct future assessments independently.

STN first conducts the FFIEC Risk Assessment across five key elements:

Type 1

Technologies and Connection Types

Type 2

Delivery Channels

Type 3

Online/Mobile Products and Technology Services

Type 4

Organizational Characteristics

Type 5

External Threats

Step Two

Feedback & Assist

STN’s experienced security consultants will then provide valuable feedback on how to eliminate, reduce, or mitigate necessarily high risks and help your financial institution assign your appropriate Inherent Risk Profile.

Step Three

Final Assessment

STN will then conduct an FFIEC maturity assessment of your institutions cybersecurity preparedness across the following five domains:

Domain 1

Cyber-risk management and oversight

Domain 2

Threat intelligence and collaboration

Domain 3

Cybersecurity controls

Domain 4

External dependency management

Domain 5

Cyber-incident management and resilience

In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council (FFIEC) developed the Cybersecurity Assessment Tool (Assessment) to help institutions identify their risks and determine their cybersecurity preparedness.

The Assessment provides a repeatable and measurable process for financial institutions to measure their cybersecurity preparedness over time.

FFIEC

JUNE 2015

Accessing your Cybersecurity Maturity and interpreting your institution’s specific mitigations against the recommended FFIEC controls can be a difficult and frustrating task. This is where the STN team shines. We help you access your organization against the FFIEC controls and provide guidance on what your examiners will be looking for.

Finally, STN will assist you with presenting your results in an executive presentation, highlighting your progress and clearly identifying what your institution’s focus needs to be to ascend to the next maturity level.

STN’s FFIEC Risk & Cybersecurity assessment includes a subscription to STN’s FFIEC CAT Software, allowing your team to generate the necessary reports for your examiners and conduct future self-assessments.

Schedule with STN Today

Woman pointing to a computer screen as man looks on

“As a small credit union, we have very limited staff and time. We need a tool that provides us with a quick and easy way of fulfilling our regulatory assessments. Not only does STN’s tool do the job, but it also allows us to compare against past assessments and reveal trends through our history. This has been very powerful in determining where we have been deficient and where we are excelling. STN’s FFIEC self-assessment tool also provides us a quick and easy way to report to our board and our NCUA examiners on our improvements and progress.”

— Information Security Analyst
Credit Union – $1.6 Billion assets

“STN’s new FFIEC tool simplifies the process of ascertaining risk levels, assessing an organization’s maturity level, and gauging progress needed and made over time. An accessible and intuitive interface makes it easy to use, STN has created a valuable tool for reporting and documenting FFIEC data as it pertains uniquely to your company.”

— Vice President / Information Security Officer
Credit Union – $600MM Assets