The FFIEC CAT framework is designed to help federally supervised financial companies assess their risk profile and cybersecurity maturity. This framework is derived from the Cybersecurity Assessment Tool (CAT) developed by the Federal Financial Institutions Exam Council (FFIEC), which sets security controls frameworks for your financial organization and holding companies.

How It Works

The FFIEC CAT framework will guide your compliance with federal financial regulations through financial declarative statements in five domains: Controls, External Dependency Management, Cyber Incident Management, and Resilience.

You can take the first step to secure your financial organization with the FFIEC CAT framework by downloading it from the Risk Cloud Controls Repository and applying it directly to your programs.

Why You Need It

• Proactively assess, identify, and understand any cybersecurity risk your financial organization faces
• Enforce federal compliance for financials using declarative statements within five key cybersecurity domains
• Keep your stakeholders and financial partners protected and confident in your organization