Banks to FFIEC: Cyber Tool is Flawed; examiners using what institutions perceive as subpar tool. Banks want to see more definitive clarification of the voluntary nature of the tool. The Office of the Comptroller of the Currency declined to comment about when, if ever, changes or clarifications might be announced. OCC spokeswoman says the tool’s use is, indeed, voluntary; OCC says it will be used by the examiners as part of the exam process. The tool’s assessment recommendations more closely resemble those outlined in the National Institute of Standards and Technology Cybersecurity Framework.”]
Source: https://www.cuinfosecurity.com/banks-to-ffiec-cyber-tool-flawed-a-8823