In 2018 we have seen more consistency and rigorous examination programs from both the state and federal level. The investments that regulatory agencies have made in Information Technology examination program updates is being noticed amongst financial institutions. For some institutions, you will find yourself using both processes to evaluate security or prepare for your examination.
These two programs have two different objectives, InTREx is used to conduct an examination against the institution where the FFIEC Cybersecurity Assessment Tool (CAT) can be both an examination tool and a self-assessment tool. Both provide extreme value to an institution when used properly. In this presentation, we will review both processes; best practices using each, comparison of their differences, and how to leverage them together.
It might seem excessive to follow two different processes for your institution. We can highlight ways to build a single model that can accomplish both objectives.
- FFIEC Cybersecurity Assessment Tool (CAT) Process
- Top Baseline Control Challenges
- FDIC InTREx Process
- Top InTREx Findings
- Pros and Cons of each process
Who Should Attend?
Information Security Officer, IT Manager, Risk Officer, Internal Auditor or other management team members looking for a solid understanding of the assessment process.
Please note: This site employs features that may cause unexpected behavior in older versions of Internet Explorer. If you experience a problem, try refreshing your screen. If this doesn't solve the problem, click on this link.
You may contact us by using the Online Chat button below.