Step 1. Choose your FFIEC CAT Assessment


In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council (FFIEC) developed the Cybersecurity Assessment Tool (CAT), on behalf of its members, to help financial institutions identify their risks and determine their cybersecurity preparedness. The Assessment provides a repeatable and measurable process for institutions to measure their cybersecurity preparedness over time. The Assessment incorporates cybersecurity-related principles from the FFIEC Information Technology (IT) Examination Handbook and regulatory guidance, and concepts from other industry standards, including the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

FFIEC Risk Profile Assessment

Part 1 of the Assessment identifies the institution’s inherent risk. Inherent risk incorporates the type, volume, and complexity of the institution’s operations and threats directed at the institution.

FFIEC Maturity Assessment

Part 2 of the Assessment is Cybersecurity Maturity, designed to help management measure the institution’s level of risk and corresponding controls.

This assessment has been developed by FFIEC (Federal Financial Institutions Examination Council).


Step 2. Edit / Answer / Share the Assessment


Disclaimer: the assessments are provided by Vendict “as is” for information purposes only. Any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. While we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the inserted assessment contained herein. Any reliance you place on such information is therefore strictly at your own risk.