Cybersecurity Controls Review

As many of you know, in light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council (FFIEC) developed the Cybersecurity Assessment Tool which is designed to evaluate both the Inherent Risk Profile and Cybersecurity Maturity of financial institutions.  The Assessment incorporates cybersecurity-related principles from the FFIEC Information Technology (IT) Examination Handbook and regulatory guidance, and concepts from other industry standards, including the National Institute of Standards and Technology (NIST) Cybersecurity Framework.  

This is a great tool for institutions, but as many of you have found, it can be very time consuming and difficult to properly evaluate the cybersecurity related controls to determine the current Cybersecurity Maturity level.  Fortner Bayens Levkulich & Garrison is now offering a Cybersecurity Controls Review, in which we evaluate all technical, physical and administrative controls for Cyber Risk Management & Oversight, Threat Intelligence & Collaboration, Cybersecurity Controls, External Dependency Management, and Cyber Incident Management & Resilience as outlined by the FFIEC’s Cybersecurity Assessment Tool.  The review includes a management report that outlines any gaps or control deficiencies as well as detailed recommendations or remediation plans to help organizations to achieve their desired Cybersecurity Maturity level.  The controls review not only verifies that controls are in place, but also tests the controls to determine how effective they are.  This allows organizations to accurately identify their current maturity level, and also outlines a clear plan for management to  remediate identified deficiencies.

Fortner Bayens Levkulich & Garrison, P.C. is now offering a Cybersecurity Controls Reviews. For more information please contact your FBLG representative or email us at