5 Ways to Become a Better Loan Officer
As a passionate mortgage professional, you are constantly striving to improve your job performance and gain new, innovative knowledge about your...
2 min read
Hugo Gonzalez : Thu, Oct 06, 2016
By now, you may have heard the hype surrounding the new assessment tool from the Federal Financial Institutions Examination Council (FFIEC). This powerful new tool is critically important to mortgage businesses of all sizes, enabling them to better evaluate the health and maturity of their cybersecurity systems. We’ve provided a comprehensive guide of the most important things you should know about the new FFIEC Cybersecurity Assessment Tool.
The Commonwealth of Massachusetts apparently takes the FFIEC tool very seriously. We understand that it sent notices to mortgage companies informing them that they must complete the audit this year (by the end of June, actually). Other states, however, have yet to require financial institutions to implement the tool.
Unfortunately, the truth is there's not a lot of help out there. The audit with an annual completion deadline clearly addresses larger organizations that have staff dedicated to cybersecurity. Even MBA conferences dealing with this issue generally focus on larger mortgage companies. When questioned about providing guidance for small shops, the panelists from one such conference said they had not worked with groups smaller than 75-100 employees. So, the devil is in the details for smaller companies.
The audit required by the Cybersecurity Assessment Tool provides a baseline that tells you where your cybersecurity efforts stand at the moment. It is not a pass/fail test. It's meant to help you improve from year to year.
The FFIEC intended for the tool to help financial institutions understand their cybersecurity risks and how prepared they are to prevent attacks. The assessment tool can also inform the path you follow with respect to risk management.
The tool has two parts to it: the first is to assess risk inherent in the organization, and the second looks at your organization's maturity in addressing cyber controls. That should ease your mind, at least for the first year. To help you prepare, here are some commonly asked questions for first-time users.
To talk more about the FFIEC assessment tool, mortgage IT services in the cloud, or other cybersecurity issues, please contact us.
As a passionate mortgage professional, you are constantly striving to improve your job performance and gain new, innovative knowledge about your...
Business data is available at your fingertips, but is it protected? If your mortgage company isn’t talking about advanced data governance, you’ve...
Every October since 2004, the United States has observed National Cybersecurity Awareness Month. Computer security is always important, but the month...