The National Credit Union Association (NCUA) is a federal agency that was created to regulate and supervise federal credit unions. The NCUA requires credit unions to take the appropriate steps to mitigate cybersecurity risks in accordance with the Electric Code of Federal Regulations e-CFR §748 and the Federal Financial Institutions Examination Council (FFIEC) Examination Handbook. Credit unions may choose their desirable framework for individual assessments; however, NCUA examiners follow the FFIEC NIST-based Cybersecurity Assessment approach.
DirectDefense helps identify gaps between your organization’s current compliance program and the NCUA/FFIEC cybersecurity guidelines. We can assist in the development of a remediation plan and a detailed report on your organization’s compliance with the NCUA/FFIEC security mandate. We can also train your team on using the FFIEC Cybersecurity Assessment tool for internal assessments.