FFIEC SaaS Assessment Saves Time

by | Aug 15, 2016 | Cybergovernance Journal

I’ve been meaning to write about automating FFIEC’s Cyber Assessment Tool. Now that we’re launching support for it, it’s time to talk about it.


FFIEC SaaS Assessment Saves Time

Latest CMOM Release Combines FFIEC and NIST Audits

AUSTIN, August 16, 2016 – Cybernance has launched a major update of its cybersecurity governance platform to fully automate the Cybersecurity Assessment Tool developed by the Federal Financial Institutions Examination Council (FFIEC). FFIEC assessments involve a risk profile assessment and a cybersecurity maturity assessment, and both are supported in the new release.

“We recognized the challenges that financial institutions face in implementing the comprehensive FFIEC guidelines,” said Charlie Leonard, VP Products at Cybernance Corporation. “Automating the collaboration required to complete a comprehensive assessment reduces the time it takes significantly.”

The Federal Financial Investigations and Examinations Council (FFIEC) published guidelines for financial services companies to assess and manage their cyber risk in mid-2015. Two key components are amenable to automated assessment: (1) the inherent risk of an organization, which derives from its size, position in the market, and type of services, and (2) security controls that have been implemented, which are largely based on NIST principles.

The FFIEC Compliance Module is integrated into CMOM (“SEE-mom”), Cybernance’s secure cybergovernance platform hosted on Amazon Web Services. The FFIEC Module collects data across the organization and displays in a console how well aligned the organization is with FFIEC’s five “domains” of cyber risk management.

The FFIEC Module

The FFIEC Module also reveals how internal controls contribute to adherence to the FFIEC guidelines. This comprehensive view helps compliance and audit professionals understand compliance needs and build a roadmap to address the highest priorities. Clicking on a rule reveals details about each control that contributes to compliance, reports its implementation status, and identifies its owner or administrator.

“We will continue to expand the capabilities of the governance platform we created to enable executives to manage cybersecurity and directors to oversee it,” said Cybernance CEO Mike Shultz. “Adding FFIEC support to our support for NIST, HIPAA, and other key benchmarks broadens CMOM’s value to existing customers, and it will enable financial institutions to adopt an emerging standard way to assess compliance.”

For more information, visit www.cybernance.com/FFIEC/.

About Cybernance Corporation
Cybernance is an Austin-based company that developed the Cybergovernance Maturity Oversight Model (CMOM), a SaaS governance platform. CMOM protects executives and directors from personal liability for breaches by enabling oversight of cyber risk and active engagement in managing risk mitigation. The company publishes articles regularly in Cybergovernance Journal about the challenges faced by management and boards in steering their organizations toward cyber maturity.

Bob Barker, Chief Strategy Officer
12600 Hill Country Blvd., Suite R275
Bee Cave, TX 78738
+1 512.329.2643


Posted in Content

Leave a Reply

Your email address will not be published. Required fields are marked *


Visit Us On TwitterVisit Us On FacebookVisit Us On LinkedinVisit Us On Google Plus

Keep Current with What’s New in Cybersecurity

Email Address:


Cybersecurity News Daily

Provides a daily summary of what's news in Cybersecurity


Recent Tweets



Get every new post delivered to your Inbox

Join other followers: