ACET is an automated tool required for Credit Unions by the NCUA to measure their inherent risk profile and test maturity across five domains including cyber risk management and oversight, threat intelligence and collaboration, cybersecurity controls, external dependency management, and cyber incident management and resilience.
Credit Unions must maintain an ongoing information security risk assessment program that effectively:
A strategy should be developed that defines control objectives & establishes an implementation plan. Security strategies should include:
Starting in 2020, the National Credit Union Administration (NCUA) will require credit unions with assets in excess of $250M to use ACET – their cybersecurity assessment tool for determining the security posture of credit unions. The time to prepare is now.
This guide contains: