New York State Cybersecurity Requirements for Financial Services Companies Authoritative Source Content

Document created by Susan Read-Miller Employee on May 21, 2018Last modified by Susan Read-Miller Employee on May 20, 2019
Version 5Show Document
  • View in full screen mode

The New York Department of Financial Services (DFS)'s cybersecurity regulation, 23 NYCRR 500 became effective March 1, 2017, with a two-year implementation period. The regulation requires all DFS regulated entities, subject to certain exemptions, to adopt the core requirements of a cybersecurity program, including a cybersecurity policy, effective access privileges, cybersecurity risk assessments, and training and monitoring for all authorized users, among other requirements.

 

Languages

This content is available in English only.

 

Mappings

Mappings for the New York State Cybersecurity Requirements for Financial Services Companies Authoritative Source to the RSA Archer Control Standard Library are available in the authoritative source content pack.

 

Content Source

The source of this content comes from the New York State Department of Financial Services website.

 

Licensing Restrictions

The New York State Cybersecurity Requirements for Financial Services Companies Authoritative Source content is available with the use of the RSA Archer Policy Program Management, RSA Archer Controls Monitoring Program Management, and/or RSA Archer Authorization and Assessment use cases. No additional license is required.

 

For More Information

To learn more about the New York State Cybersecurity Requirements for Financial Services Companies Authoritative Source Content:

 

For Additional Support

To learn more about this content, please contact your Account Rep for additional details. For technical support questions, please open a support case or contact RSA Archer at archersupport@rsa.com for more information.

Attachments

    Outcomes