NIST Based Cybersecurity Examinations
Verious NIST standards form the cybersecurity benchmarks used within the financial industry.
NIST frameworks and standards are essential in enterprises where data protection and risk management are critical, particularly in the financial sector and other regulated industries. Although these standards originate in the United States, their adoption has reached a global scale, reflecting a broad recognition of their effectiveness in enhancing cybersecurity practices around the world.
- NIST Cybersecurity Framework (CSF)
- NIST Risk Management Framework (RMF)
- NIST Security and Privacy Controls for Information Systems and Organizations, SP 800-53r5
- NIST Assessing Security and Privacy Controls in Information Systems and Organizations, SP 800-53Ar5
- NIST Control Baselines for Information Systems and Organizations, SP 800-53B
- NIST Guidelines on Firewalls and Firewall Policy, SP 800-41
- NIST Zero Trust Architecture, SP 800-207
- and various others within NIST's Computer Security SP 800 and SP 1800 series catalogue.
Industry Specific Cybersecurity Examinations
- Federal Financial Institutions Examination Council (FFIEC)
- Audit
- Information Security
- Architecture, Infrastructure, and Operations
- Outsourcing Technology Services
- Retail Payment Systems
- Wholesale Payment Systems
- Office of the Superintendent of Financial Institutions (OSFI)
- Cyber Security Self-Assessment
- B-10
- SWIFT Customer Security Controls Framework (CSCF)
- Cloud Security Alliance (CSA)
- Consensus Assessments Initiative Questionnaire (CAIQ)
- Cloud Controls Matrix (CCM)
- Payment Card Industry (PCI) Data Security Standard (DSS)
- Center for Internet Security (CIS) Critical Security Controls (CSC)
- Personal Information Protection and Electronic Documents Act (PIPEDA)
- etc...