I've created an excel based tool for banks and other financial institutions who want to easily create a brief, high-level report for the Board of Directors to clearly communicate the cybersecurity posture of their organization (as guided by the FFIEC).
Version 2.7 is now available and a lot of great feedback has been coming in:
"Chris, this is wonderful! Even more than I was expecting! Thank you as this will save me a lot of time!"
Roger Chalkley, IT Director at a bank in Indiana
[mc4wp_form id="890"]
I promise it will save you time and headache.
If you are unsure if you need to be doing this, pause for a 3 hour break and go directly to the FFIEC website describing the what, why, and how. Or take my word for it, and read on.
Ok, now that you've determined for yourself that this is important, and you now see how daunting the task can be by just using the static PDF that the FFIEC provided, you should be very interested in finding a tool to help speed that along.
Responding to requests by my clients, I decided to create an excel spreadsheet to streamline the process and make analysis and reporting of that analysis to the Board as easy as possible.
Dan Hadaway, Managing Partner at Infotex, outlines the 5 step approach that the FFIEC wants you to take here. And after he outlines the steps to complete the process, he goes on to urge the reader to get started on them immediately.
Dan's 5 steps are:
- Read Overview for Chief Executive Officers and Boards of Directors
- Read the User’s Guide
- Complete Part 1: Inherent Risk Profile of the Cybersecurity Assessment Tool
- Complete Part 2: Cybersecurity Maturity of the Cybersecurity Assessment Tool
- Interpret and Analyze Assessment Results
Steps 1 and 2 are still very necessary, but I think you'll like how this spreadsheet makes steps 3-5 very straightforward and takes the guessing game out of what each of those items actually involves.
"Thank you for developing this tool!"
David, Sr. Vice President of Audit at a trust company in Virginia
My tool makes it simple: answer the questions, determine where you need to improve, assign the action items to get you to your goals, and print the 1 page summary and Action Items:
Inherent Risk Profile and Cybersecurity Maturity Level
Chart with the 5 cybersecurity domains
Action Items needed to reach an acceptable Risk/Maturity Profile
I've also created a concise (under 3 min) video to demonstrate how to use this tool, and show you how easy it makes reporting on your FI's cybersecurity.
https://youtu.be/kC9eUQRVGjU
Best of all, this tool is free to those who promise to use it only for good.
Regulators will ask to see yours in your next IT examination, don't wait any longer, request the tool below and get started today.
Enter your email, and hit "SEND IT TO MY INBOX" to have it emailed directly to you.
[mc4wp_form id="890"]
Or email me at chris@chrisbedel.com requesting it be securely sent to you via ShareFile.
"I think it’s a great document that will assist several individuals and organizations to both assess and implement sufficient controls within their organization."
Mark, VP of Information Security at a bank in Utah
Disclaimer: Unfortunately, this tool only works in Excel. Sorry OpenOffice, LibreOffice, and Numbers users (I'm sure I'm leaving someone out)!
Email or Tweet me your thoughts and/or any questions on this post.
Like this? Please Share:
[feather_share]