I would like to know if if the Cyber Risk Institute framework v 2.0 is on the roadmap for an assessment/framework inside of control map?
https://cyberriskinstitute.org/cri-issues-profile-version-2-0/
This has been the choice of 2 of our FIs knowing that the FFIEC CAT will become obsolete this coming August. I am currently setting them up with NIST CSF 2.0 as the assessment control and we are using a manual excel spreadsheet to track CRI profile for them.
Thanks,
Hi there! Short answer is Yes it is on our roadmap. We have a number of partners that support FFIEC clients and we have heard FFIEC is transitioning over to NIST CSF with CRI for risk management. We already support NIST CSF 2.0 and layering in support for CRI is on our roadmap as we are currently assessing how to implement to meet FFIEC compliance goals.
Already have a ScalePad Community account? Sign in
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.