The FFIEC’s Cybersecurity Assessment Tool (CAT) is one framework recognized by regulators and security professionals alike. Like the Financial Services Sector Coordinating Council’s Cybersecurity Profile, (among other recognized frameworks), these programs provide a method to measure cyber preparedness. Analysis of the current program identifies gaps in policies, procedures, and technical tools. AaSys Group Security Professionals concentrate on identifying the perimeter and safeguards deployed to protect the institution’s outer boundaries.
The CAT identifies the financial institution’s Inherent Risk Profile and Cyber Maturity Level. Utilizing the CAT, AaSys Group Security Professionals establish a security baseline based upon the institution’s policies, procedures, processes, environment, and deployed technology solutions. This baseline is mapped to the FFIEC Information Technology Examination Handbook as well as to other FFIEC examination booklets. Additionally, the institution’s baseline is benchmarked against the National Institute of Standards and Technology’s Cybersecurity Framework.