New York State Department of Financial Services (NYDFS)

Cybersecurity (NYCRR 500)

This series of NYDFS Cybersecurity, Transaction Monitoring and Virtual Currencies Playbooks are based on the New York State Department of Financial Services (NYDFS) industry guidance.

Download the Playbook

Unlock access to a wealth of information.

What is the Cybersecurity (NYCRR 500) Playbook?

The Cybersecurity (NYCRR 500) Playbook addresses the following areas:

  • Cybersecurity Program
  • Cybersecurity Policy
  • Chief Information Security Officer
  • Penetration Testing and Vulnerability Assessments
  • Audit Trail
  • Access Privileges
  • Application Security
  • Risk Assessment
  • Cybersecurity Personnel and Intelligence
  • Third Party Service Provider Security Policy
  • Multi-Factor Authentication
  • Limitations on Data Retention
  • Training and Monitoring
  • Encryption of Nonpublic Information
  • Incident Response Plan
  • Notification of Cybersecurity Event(s) Confidentiality



You Also Get


Policy Document Template

These templates are designed to be a starting point for your clients, which can be tailored for your client's specific organizational needs.


Overview Flow Charts

A diagrammatic representation of the flow of assessment activities within your playbook.



Our instructions for use. These are the same for all our playbooks, once you know how to use one, you can use them all.



A PowerPoint tutorial on the specific playbook, covering the most important aspects of this area of assessment.

One Subscription. 100+ Playbooks.

You know what your clients need, let us help you deliver.

Related Playbooks

Playgroup Icon

Cybersecurity (NYCRR 500)


What are they saying?

Learn more about the many benefits our Playbooks have offered organisations like yours.

Based on Authoritative Sources

Sign up for our newsletter and get the best of GRC Playbook straight to your inbox.
Leo-logo ERDF ESF