Step 1. Choose your NYDFS 23 NYCRR Part 500 Assessment

The NYDFS Cybersecurity Regulation (23 NYCRR 500) is a set of regulations from New York Department of Financial Services (NYDFS) that places cybersecurity requirements on all covered financial institutions. This regulation is designed to ensure businesses effectively protect their customers’ confidential information from cyber attacks. This regulation requires each company to assess its specific risk profile and design a program that addresses its risks in a robust fashion. The regulation requirements includes conducting regular security risk assessments, keeping audit trails of asset use, providing defensive infrastructures, maintaining policies and procedures for cyber security, and creating an incident response plan.

NYDFS 23 NYCRR Part 500 Assessment

This self-assessment follows the NYDFS regulation requirements designed to promote the protection of customer information as well as the information technology systems of regulated entities.

NYDFS 23 NYCRR Part 500 – Third-Party Compliance Assessment

This self-assessment corresponds to the Third-Party compliance requirements of the NYDFS regulation.

Step 2. Edit / Answer / Share the Assessment

Disclaimer: the assessments are provided by Vendict “as is” for information purposes only. Any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. While we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the inserted assessment contained herein. Any reliance you place on such information is therefore strictly at your own risk.