New York State Department of Financial Services Cybersecurity (NYDFS NYCRR 500)
This NYDFS Cybersecurity Playbook is based on the guidance of the New York State Department of Financial Services.
The New York State Department of Financial Services Cybersecurity (NYCRR 500) Playbook addresses the following areas:
- Cybersecurity Program
- Cybersecurity Policy
- Chief Information Security Officer
- Penetration Testing and Vulnerability Assessments
- Audit Trail
- Access Privileges
- Application Security
- Risk Assessment
- Cybersecurity Personnel and Intelligence
- Third Party Service Provider Security Policy
- Multi-Factor Authentication
- Limitations on Data Retention
- Training and Monitoring
- Encryption of Nonpublic Information
- Incident Response Plan
- Notification of Cybersecurity Event(s) Confidentiality
Note: You must first install the GRC Playbook software before you can open and use the encrypted Playbooks.
All Playbooks are encrypted to protect the privacy and confidentiality of your data. The GRC Playbook software automatically generates and applies the password to programmatically unencrypt a Playbook and open it for use.
Based on Authoritative Sources