Hello All,
Our Security Governance Committee has asked that I reach out to you to see where your credit union is at in using the cybersecurity assessment tool (CAT). The hope is to get an idea of where others are in preparation for NCUA's next visit.
1. Have you planned to or completed a self-assessment using the FFIEC CAT?
2. If you’ve completed a self-assessment, what is the target maturity level you are planning to achieve across the 5 domains (Baseline, Evolving, Intermediate, Advanced, or Innovative)?
3. Have you developed a plan/timeline to achieve the maturity levels you’ve set for your organization?
4. What is your asset size?
As mentioned, we're trying to get an idea of where we fit in the credit union space. WSECU has completed the self-assessment and has determined we will strive to hit baseline by the end of 2016. Baseline was a much higher bar than expected. This has yet to be approved by our board. Any feedback is much appreciated!
