What to Know About the FFIEC’s Cybersecurity Assessment Tool FAQ
Back in 2015, the Federal Financial Institutions Examination Council (FFIEC) released its Cybersecurity Assessment Tool. Designed to assist financial institutions of all sizes identify and assess risks and weaknesses in their cybersecurity posture, it has notably been met with widespread confusion and complaints. The FFIEC has recently tried to clear some of this up by releasing a “Frequently Asked Questions” guide to the tool, with mixed results. Original Concerns These complaints include everything from critiques on the effectiveness of the tool to confusion over whether it is truly voluntary or not and frustration over the amount of time needed to collect and input data into the tool itself. Banking institutions have also been wondering exactly how this tool should be