Cima Sogc Checklist 1

Uploaded by

serpentor83

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

30 views1 page

Cima Sogc Checklist 1

Uploaded by

serpentor83

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 1

CIMA Statement of Guidance & Rule for Cybersecurity Checklist

What is it? Who is affected?

1. “...intended to provide guidance to regulated entities on 1. “This Guidance applies to all entities regulated by the
cybersecurity…” (SOG:R 1.1) Authority including controlled subsidiaries as defined
2. “... sets out the Cayman Islands Monetary Authority’s in the Banks and Trust Companies Law.” (SOG:R 3.1)
(“the Authority”) minimum expectations in relation to 2. “Regulated entities are ultimately responsible for …
the management of cybersecurity risks.” (SOG:R 1.2) assessing the service provider(s)’ compliance with this
Rule and the related SOG on Cybersecurity for
Regulated Entities;” (SOG:R 5.4a)
What are the requirements?
1. “Regulated entities must establish, implement, and maintain a documented cybersecurity framework” (SOG:C 5.1a)
2. “A well-documented cybersecurity risk management strategy, (including):” (SOG:C 5.1b)
i. Cybersecurity and IT security policies and procedures
ii. Clearly identified managerial responsibilities and controls
iii. Processes for responding to, containing and recovering from cyber attacks, breaches and incidents
3. “Regularly review the emerging (or evolving) cybersecurity threats and IT landscape and assess their cybersecurity
framework to ensure that the framework continues to be appropriate” (SOG:C 5.1c)

Requirement 1 | Cybersecurity Framework

1. Any “reputable international standards or frameworks on cybersecurity” can be used. Frameworks referenced and
listed include:
i. National Institute of Standards and Technology (NIST)
ii. Control Objective for Information and Related Technologies (COBIT)
iii. Information Technology Infrastructure Library (ITIL) *ITIL based on the ISO 27001 standard
iv. International Organization for Standardization (ISO)
2. Implementation of a CSF will help satisfy the rest of the requirements as part of the process
i. Requires IT Policies & Procedures, parties responsible for the CSF, and constant improvement processes

Requirement 2 | Cybersecurity Risk Management Strategy

1. Key Policies and Procedures include:
• IT Security Program Policy • Data Classification Policy
• Acceptable Use Policy • Data Encryption Policy
• Business Continuity Policy • Disaster Recovery Policy
• Cybersecurity Risk & Vulnerability Management • Incident Response Policy
Policy • Remote Access Policy
• Data Breach Policy • Vendor Management Policy
2. Organizations should practice “Defense in Depth” and test, deploy, and inventory technical and procedural controls that
satisfy the requirements outlined in each of these policies.

Requirement 3 | Regular Review of Cybersecurity Framework

1. Perform third-party assessments at least annually or whenever major changes have been made to infrastructure. These
assessments include:
i. Penetration Testing (technical simulation of cyber-attacks to identify vulnerabilities)
ii. CSF Audit (attestation reports to determine successful and failures of a CSF)
iii. Cyber Risk Assessment (assessment to check readiness and reaction capabilities of an organization
regarding cyber events)
2. Any CSF will require specific third-party assessments performed as part of the implementation process.

Questions? Reach us at info@emberlake.ky

Cyber Threat Management Summary
No ratings yet
Cyber Threat Management Summary
19 pages
Top 25 Cybersecurity Frameworks
No ratings yet
Top 25 Cybersecurity Frameworks
15 pages
Cyber Risk Management Guidelines Issued by The DFSA
No ratings yet
Cyber Risk Management Guidelines Issued by The DFSA
3 pages
UMASS NISTCSF October 2016 Presentation Rev2
No ratings yet
UMASS NISTCSF October 2016 Presentation Rev2
22 pages
Cyber Frameworks and Audit Programs
No ratings yet
Cyber Frameworks and Audit Programs
15 pages
NYDFS Assessment Toolkit
33% (3)
NYDFS Assessment Toolkit
236 pages
Cyber Framework
No ratings yet
Cyber Framework
129 pages
ICTCYS612 Student Assessment Tasks and Project Portfolio V2.0
0% (2)
ICTCYS612 Student Assessment Tasks and Project Portfolio V2.0
36 pages
NCIIPC Cybersecurity Framework
100% (1)
NCIIPC Cybersecurity Framework
32 pages
A Definition of Cyber Security
No ratings yet
A Definition of Cyber Security
5 pages
Cybersecurity Best Practices Guideline 09132023
No ratings yet
Cybersecurity Best Practices Guideline 09132023
15 pages
Ssekitende Ali Oc
No ratings yet
Ssekitende Ali Oc
21 pages
Critical Infrastructure Cybersecurity
No ratings yet
Critical Infrastructure Cybersecurity
35 pages
Sama Cyber Audit Checklist
No ratings yet
Sama Cyber Audit Checklist
4 pages
Cybersecurity Plan Template
No ratings yet
Cybersecurity Plan Template
14 pages
Draft SOP - Cyber Cell - Handling Cyber Incidents Attacks in UT of Puducherry - Oct-2023
No ratings yet
Draft SOP - Cyber Cell - Handling Cyber Incidents Attacks in UT of Puducherry - Oct-2023
9 pages
2019 Cybersecurity Resource and Reference Guide - DoD-CIO - Final - 2020FEB07
No ratings yet
2019 Cybersecurity Resource and Reference Guide - DoD-CIO - Final - 2020FEB07
53 pages
Cybersecurity Best Practices Guide
No ratings yet
Cybersecurity Best Practices Guide
4 pages
Top Security Frameworks
No ratings yet
Top Security Frameworks
15 pages
CSA Framework Policies Control Proc + Chpt11
100% (3)
CSA Framework Policies Control Proc + Chpt11
44 pages
Blue Team Fundamentals Module 01
No ratings yet
Blue Team Fundamentals Module 01
32 pages
Lead Cyber Security Manager
No ratings yet
Lead Cyber Security Manager
30 pages
NIST CSF Auditor Checklist: Function Category Identify (Id)
No ratings yet
NIST CSF Auditor Checklist: Function Category Identify (Id)
21 pages
Network Security Monitoring Procedure
100% (1)
Network Security Monitoring Procedure
3 pages
Cyber Security Policy
No ratings yet
Cyber Security Policy
15 pages
3 - Network Security Fundamentals
No ratings yet
3 - Network Security Fundamentals
15 pages
Cyber Policy for Stockbrokers
No ratings yet
Cyber Policy for Stockbrokers
14 pages
D490 Task 2 Draft
No ratings yet
D490 Task 2 Draft
5 pages
An Evaluation Framework For Cybersecurity Maturity Aligned With The NIST CSF
No ratings yet
An Evaluation Framework For Cybersecurity Maturity Aligned With The NIST CSF
20 pages
Cyber Security Guide
No ratings yet
Cyber Security Guide
59 pages
CDOIF Guideline Cyber Security For Senior Managers v1 Final
No ratings yet
CDOIF Guideline Cyber Security For Senior Managers v1 Final
29 pages
Cyber Essentials Starter Kit - 03.12.2021 - 508 - 0
No ratings yet
Cyber Essentials Starter Kit - 03.12.2021 - 508 - 0
17 pages
Conptia Security Study Guide SYO-601
No ratings yet
Conptia Security Study Guide SYO-601
152 pages
Cyber Resilience Questionnaire
No ratings yet
Cyber Resilience Questionnaire
83 pages
A Cybersecurity Evaluation Tool For SMEs B
No ratings yet
A Cybersecurity Evaluation Tool For SMEs B
2 pages
Cyber Security - Protecting Digital Assets - SlidesGPT AI Powerpoint Generator
No ratings yet
Cyber Security - Protecting Digital Assets - SlidesGPT AI Powerpoint Generator
8 pages
Cybersecurity Essentials for All
No ratings yet
Cybersecurity Essentials for All
3 pages
(Ebook PDF) Effective Cybersecurity: A Guide To Using Best Practices and Standards Instant Download
100% (1)
(Ebook PDF) Effective Cybersecurity: A Guide To Using Best Practices and Standards Instant Download
57 pages
Cyber Essentials Starter Kit
No ratings yet
Cyber Essentials Starter Kit
17 pages
Tarea Etapa2
No ratings yet
Tarea Etapa2
9 pages
Ecsf Profiles V 0 5 Draft Release
No ratings yet
Ecsf Profiles V 0 5 Draft Release
27 pages
Cybersecurity Analyst Interview Questions
No ratings yet
Cybersecurity Analyst Interview Questions
14 pages
Cybersecurity Best Practices Guide
No ratings yet
Cybersecurity Best Practices Guide
6 pages
Sy 060101
No ratings yet
Sy 060101
19 pages
NIST CSF: Cybersecurity Framework Guide
No ratings yet
NIST CSF: Cybersecurity Framework Guide
7 pages
Common Threats of Cyber Security
No ratings yet
Common Threats of Cyber Security
17 pages
Milestone 1 Developing A Cybersecurity Implementation Guideline Treated UPDATED
No ratings yet
Milestone 1 Developing A Cybersecurity Implementation Guideline Treated UPDATED
8 pages
Cross-Sector Cybersecurity Performance Goals
No ratings yet
Cross-Sector Cybersecurity Performance Goals
28 pages
Milestone 2 Revised Cybersecurity Implementation Guideline
No ratings yet
Milestone 2 Revised Cybersecurity Implementation Guideline
7 pages
Unit 3
No ratings yet
Unit 3
10 pages
Cybersecurity Program Template
No ratings yet
Cybersecurity Program Template
19 pages
Self-Assessment Form To Measure The Service Providers Compliance of Cybersecurity Requirements
100% (1)
Self-Assessment Form To Measure The Service Providers Compliance of Cybersecurity Requirements
116 pages
FMN Spiral 5 Procedural Instructions For CIS Security
No ratings yet
FMN Spiral 5 Procedural Instructions For CIS Security
50 pages
Cybersecurity Framework Guide
No ratings yet
Cybersecurity Framework Guide
60 pages
Revised MoPSW CII For 24nov 2023
No ratings yet
Revised MoPSW CII For 24nov 2023
16 pages
Module 1 Glossary Introduction To Information Security and Compliance
No ratings yet
Module 1 Glossary Introduction To Information Security and Compliance
2 pages
Cybersecurity Basics for Beginners
No ratings yet
Cybersecurity Basics for Beginners
40 pages
NIST - Checklist
No ratings yet
NIST - Checklist
15 pages
Cybersecurity
No ratings yet
Cybersecurity
13 pages
Red Team Analyst Course Materials 1
No ratings yet
Red Team Analyst Course Materials 1
169 pages
KB4-RansomwareStepbyStep 1.1
No ratings yet
KB4-RansomwareStepbyStep 1.1
52 pages
MCRTA Study Material-Azure - pdf-1
0% (1)
MCRTA Study Material-Azure - pdf-1
70 pages
Cvss v31 User Guide - r1 PDF
No ratings yet
Cvss v31 User Guide - r1 PDF
22 pages
Ransomware Survival Guide
No ratings yet
Ransomware Survival Guide
27 pages
Network Vulnerability Scan Report
No ratings yet
Network Vulnerability Scan Report
6 pages
Number: H12-211 Passing Score: 800 Time Limit: 120 Min: Website: VCE To PDF Converter: Facebook: Twitter
No ratings yet
Number: H12-211 Passing Score: 800 Time Limit: 120 Min: Website: VCE To PDF Converter: Facebook: Twitter
78 pages
Integrated and Cloud Wireless 6.2 Course Description-Online PDF
100% (1)
Integrated and Cloud Wireless 6.2 Course Description-Online PDF
2 pages
SIEM For Beginners
No ratings yet
SIEM For Beginners
18 pages
PG3 User
No ratings yet
PG3 User
18 pages
UiTM M&E Engineering Exam
No ratings yet
UiTM M&E Engineering Exam
3 pages
Node Mcu
No ratings yet
Node Mcu
5 pages
Cutting Master 2 User Manual
No ratings yet
Cutting Master 2 User Manual
29 pages
Cost Estimation for Engineers
No ratings yet
Cost Estimation for Engineers
30 pages
Schumaker 1983
No ratings yet
Schumaker 1983
11 pages
2MP IR Cube Network Camera Specs
No ratings yet
2MP IR Cube Network Camera Specs
5 pages
Alarm Annunciator: Model: 1608
No ratings yet
Alarm Annunciator: Model: 1608
3 pages
Ch-12 Recurrent-Neural-Networks-And-Long-Short-Term-Memory BooK - Machine Learning and Deep Learning Using Python (McGraw Hill)
No ratings yet
Ch-12 Recurrent-Neural-Networks-And-Long-Short-Term-Memory BooK - Machine Learning and Deep Learning Using Python (McGraw Hill)
65 pages
AON6760
No ratings yet
AON6760
6 pages
EXPERIMENT5
No ratings yet
EXPERIMENT5
5 pages
Gr.11 Media Notes Unit 1 - SESSION 1-4
No ratings yet
Gr.11 Media Notes Unit 1 - SESSION 1-4
16 pages
314320-An-Mathematics For Machine Learning II Sample QP
No ratings yet
314320-An-Mathematics For Machine Learning II Sample QP
3 pages
Weld Discontinuity
No ratings yet
Weld Discontinuity
8 pages
cn250 PDF
No ratings yet
cn250 PDF
384 pages
Engineering ASL Level 3 Specification
No ratings yet
Engineering ASL Level 3 Specification
1,321 pages
Software Update - 1100 Series
No ratings yet
Software Update - 1100 Series
5 pages
Lecture 6
No ratings yet
Lecture 6
58 pages
Blog - Welding in Bridge Building - How Electric Arc Connects The Road
No ratings yet
Blog - Welding in Bridge Building - How Electric Arc Connects The Road
8 pages
Bosch Dishwasher Service Training Manual - Part6 PDF
No ratings yet
Bosch Dishwasher Service Training Manual - Part6 PDF
4 pages
HCR Remote Control MV3
No ratings yet
HCR Remote Control MV3
19 pages
Siemon2017 00
No ratings yet
Siemon2017 00
12 pages
Retail Management Information System
60% (5)
Retail Management Information System
12 pages
CKD SC Catalogue en Cb24sa
No ratings yet
CKD SC Catalogue en Cb24sa
32 pages
DPCV Selection
No ratings yet
DPCV Selection
1 page
Unit 1-1
No ratings yet
Unit 1-1
2 pages
Sawyer & Moxa Connection Guide
No ratings yet
Sawyer & Moxa Connection Guide
4 pages
Mostafa Qasim Fluid Report
No ratings yet
Mostafa Qasim Fluid Report
7 pages
Oil Tanker Operations PDF
83% (6)
Oil Tanker Operations PDF
253 pages
Dr. Amol Kolhe YT Analytics
No ratings yet
Dr. Amol Kolhe YT Analytics
4 pages