Cyber Security Assessment


E3 has helped many financial institutions get a handle on and manage its cyber security risk through the use of the Federal Financial Institutions Examination Council (FFIEC) developed the Cybersecurity Assessment Tool. The CAT provides a repeatable and measurable process for financial institutions to measure their cybersecurity preparedness over time. 


The CAT consists of two parts:

  1. Inherent Risk Profile

  2. Cybersecurity Maturity

The Inherent Risk Profile identifies the institution’s inherent risk before implementing controls. The Cybersecurity Maturity includes domains, assessment factors, components, and individual declarative statements across five maturity levels to identify specific controls and practices that are in place. While management can determine the institution’s maturity level in each domain, the CAT is not designed to identify an overall cybersecurity maturity level.

The Assessment covers the institution’s inherent risk profile based on five categories:

  • Technologies and Connection Types

  • Delivery Channels

  • Online/Mobile Products and Technology Services

  • Organizational Characteristics

  • External Threats

Next the assessment evaluates the institution’s Cybersecurity Maturity level for each of five domains

  • Cyber Risk Management and Oversight

  • Threat Intelligence and Collaboration

  • Cybersecurity Controls

  • External Dependency Management

  • Cyber Incident Management and Resilience

Are you interested in E3 Services? Do you want more information or a proposal? For more information or to receive a Request For Proposal questionnaire please contact us toll-free at (866) 585-8324 or via email at webmaster@e3tech.net.
— Exceeding Every Expectation