article thumbnail

Operational Resilience Self-Assessment: Achieving the March 2022 Deadline

Castellan

In March 2021, The Bank of England, the Prudential Regulation Authority (PRA), and the Financial Conduct Authority (FCA) published policy documents about operational resilience. In terms of self-assessment, regulators do not expect firms to build out a full operational resilience capability ; instead, they are looking for a gap analysis.

article thumbnail

ISO 27001 Certification Requirements & Standards

Reciprocity

Within the ISO 27001 family, there are many other vital documents. Perform a Gap Analysis. A gap analysis gives you a high-level summary of what needs to be done to attain certification and allows you to examine and compare your organization’s current information security arrangements to the ISO 27001 standards.

Audit 52
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

ISO 27001 Requirements Checklist: Steps and Tips for Implementation

Reciprocity

How Do You Perform a Gap Analysis? Companies can compare their present information security systems to the criteria of the ISO 27001 standard to determine where gaps might exist, and what should be done to update their business processes to achieve ISO 27001 certification. The ISO 27001 gap analysis does that.

article thumbnail

Guide: Complete Guide to the NIST Cybersecurity Framework

Reciprocity

‘Special Publications’ take a deeper dive into specific areas Beyond the core framework, NIST has published over 200 special documents addressing various facets of cybersecurity risk management, ranging from identity access control and protective technology management to incident response and artificial intelligence applications.

article thumbnail

Guide: Complete Guide to the NIST Cybersecurity Framework

Reciprocity

‘Special Publications’ take a deeper dive into specific areas Beyond the core framework, NIST has published over 200 special documents addressing various facets of cybersecurity risk management, ranging from identity access control and protective technology management to incident response and artificial intelligence applications.

article thumbnail

Audit Checklist for SOC 2

Reciprocity

A SOC 2 Type 1 report attests to the design and documentation of a service organization’s internal controls and procedures as of a specific date. Perform a SOC 2 Gap Analysis. Once you’ve completed your audit preparation, you should perform a gap analysis.

Audit 52
article thumbnail

The Most Overlooked Security Issues Facing the Financial Services

Solutions Review

The rise – and sophistication – of ransomware attacks has been documented by all parties concerned. Please note: usually when the initial gap analysis is done (remember step 1), you end up with a long list of deviations. Cybersecurity and Infrastructure Security Agency (CISA) adds these 3 security issues to its list.”