top of page

FFIEC Cybersecurity Assessment Tool




15 CPEs

About the Course

Future Dates for CPE Events
- Monday-Wednesday - August 1-3, 2022;
- Monday-Wednesday - October 24-26, 2022.

Does your bank have the right level of maturity for your Cybersecurity Risk Management activities compared to the inherent risk levels?

The FFIEC Cybersecurity Assessment Tool (CAT) is a diagnostic testing tool that helps internal auditors identify a bank's level of inherent risk and determine the maturity level of their cybersecurity programs.

This training course looks at the way cybersecurity inherent risks can vary significantly based on the financial institution's activities. It is important for a bank's internal audit function to evaluate and analyze the financial institution's inherent risk levels to cybersecurity threats and vulnerabilities.

CAT, which is the basis for this training event, provides a method for measuring a bank's inherent risk levels across several categories, including delivery channels, connection types, external threats, and organizational characteristics.

This comprehensive training course is for anyone who wants to have a strong base of knowledge and understanding of the FFIEC CAT and its use within a banking institution.

This timely, 15 hour CPE training seminar is designed for the project director, project leader and individuals who have to create an effective cybersecurity assessment within their internal audit activities.

This comprehensive in-person event is designed for Internal Auditors, Compliance Analysts, Security Officers and Administrators. Let's learn, grow, and enhance our Security effectiveness! Sign up now!

Each attendee will receive 15 NASBA CPE hours. Government attendees will satisfy their Yellow Book (YB) requirements. A Certificate of Completion will be provided at the conclusion of the class.

The FFIEC has developed the Cybersecurity Assessment Tool (CAT) to help banking institutions identify their cybersecurity risks and determine their cybersecurity preparedness.

The CAT provides a repeatable and measurable process for financial institutions to measure their cybersecurity preparedness over time.

This on-line CPE event covers how to approach compliance with this banking industry regulation. CCS covers the various standard components of an effective cybersecurity program and how to use the CAT properly.

CPE Event Highlights

This course covers use of CAT to provide the internal auditor with a repeatable set of criteria with a maturity model measurement process for their cybersecurity program.

This audit process can allow for information to be passed to banking management of the inherent risks compared to the existing cybersecurity internal control preparedness.

This training event will position the audit leader to use CAT as the criteria for completing a review of the current state of a bank's cybersecurity program.

Learning Objectives

What you will learn:
Understanding the FFIEC guidance.
Learn about FFIEC Cybersecurity Priorities
Understand FFIEC CAT Inherent Risk Profile Assessment Categories
Understand FFIEC Risk Levels
Learn about Inherent Risk Categories and Ratings
Understand in detail the FFIEC CAT Maturity Assessment Category

Key Issues on the Agenda

Section 1 - Contents of the FFIEC CAT
Section 2 - The FFIEC Assessment
Section 3 - Develop an Inherent Risk Assessment Profile
Section 4 - Assess the Maturity Level of Cybersecurity Program Components
Section 5 - Interpret and Analysis Assessment Results
Section 6 - Report the Results
Section 7 - Summary and Going Forward

Your Instructor

John C. Blackshire, Jr.

CEO of The Accountware Group, Inc. (TAG) of Austin, TX. He has over 40 years of business management, internal control, software development and auditing experience. TAG helps companies improve their business processes, implement financial systems, and comply with the requirements of the Sarbanes-Oxley Act.

John C. Blackshire, Jr.
bottom of page