• SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

Call us today! 844-OCD-TECH

Find our Location
OCD TechOCD Tech
  • SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

FFIEC Updates Cybersecurity Assessment Tool

June 1, 2017 Posted by W. Jackson Schultz, CISA IT Security

Yesterday, on May 31, 2017, the Federal Financial Institution Examination Council (FFIEC), issued an update to the Cybersecurity Assessment Tool (often recognized as “the CAT” throughout our industry).  The update specifically ties and maps the CAT to the updated FFIEC Examination Handbook, focusing on the recently improved Information Security and Management booklets.  Additionally, the updates to the assessment tool allow for enhanced response criteria when performing the self-assessment.  The CAT now permits responders to enter supplementary or complementary behaviors, or overarching controls.  In other words, additional strong practices, processes, and IT general controls that the financial institution has in place to strengthen its security posture can be taken into account when attempting to establish inherent risk and maturity ratings.

Share
0
Avatar photo

About W. Jackson Schultz, CISA

Jackson is a senior auditor with OCD Tech. Currently, Jackson performs IT audit control testing for OCD Tech clients.

You also might be interested in

Elevating FTC Safeguards compliance with a Defense in Depth approach for enhanced cybersecurity in auto dealerships.
Elevating FTC Safeguards compliance with a Defense in Depth approach for enhanced cybersecurity in auto dealerships.

FTC Safeguards Compliance: Why Defense in Depth is Key for Auto Dealers

Jul 18, 2024

In today’s digital landscape, one fact remains clear, compliance does[...]

OCDTECH.5 Cybersecurity Trends for 2024 

5 Cybersecurity Trends for 2024 

Dec 13, 2023

With the beginning of 2024 just around the corner, it[...]

Nation’s First Case of DFARS Non-Compliance Against DoD Contractor Underway

Nation’s First Case of DFARS Non-Compliance Against DoD Contractor Underway

May 13, 2019

Well, it finally happened. A Department of Defense contractor is[...]

Find us on

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Send Message
OCD Tech logo Audit. Security. Assurance.

IT Audit | Cybersecurity | IT Assurance | IT Security Consultants – OCD Tech is a technology consulting firm serving the IT security and consulting needs of businesses in Boston (MA), Braintree (MA) and across New England. We primarily serve Fortune 500 companies including auto dealers, financial institutions, higher education, government contractors, and not-for-profit organizations with SOC 2 reporting, CMMC readiness, IT Security Audits, Penetration Testing and Vulnerability Assessments. We also provide dark web monitoring, DFARS compliance, and IT general controls review.

Contact Info

  • OCD Tech
  • 25 BHOP, Suite 407, Braintree MA, 02184
  • 844-623-8324
  • https://ocd-tech.com

Follow Us

Videos

Check Out the Latest Videos From OCD Tech!

Services

SOC Reporting Services
– SOC 2 ® Readiness Assessment
– SOC 2 ®
– SOC 3 ®
– SOC for Cybersecurity ®

IT Advisory Services
– IT Vulnerability Assessment
– Penetration Testing
– Privileged Access Management
– Social Engineering
– WISP
– General IT Controls Review

IT Government Compliance Services
– CMMC
– DFARS Compliance
– FTC Safeguards vCISO

Industries

  • Financial Services
  • Government
  • Enterprise
  • Auto Dealerships

© 2025 — OCD Tech: IT Audit - Cybersecurity - IT Assurance

  • OCD Tech
  • About Us
  • Contact Us
Prev Next