NYS DFS (23 NYCRR §500)

New York State’s Department of Financial Services (NYSDFS) Cybersecurity Regulation (23 NYCRR 500) is a new set of regulations from the NY Department of Financial Services (NYDFS) that places new cybersecurity requirements on all covered financial institutions. CipherTechs consultants can perform an audit to ensure the organization is compliant with 23 NYCRR §500 applicable sections.

Who is it for

Any organization who needs to meet 23 NYCRR §500 compliance and needs to submit to the NYS Supervisor.

How is it performed

CipherTechs’ auditors review the organization’s potential exemptions from portions of 23 NYCRR §500 prior to starting the compliance assessment. The auditor conducts a series of interviews with the client personnel in charge of IT operations, cyber security, application developers, and reviews documentation and evidence to see if the organization has the needed requirements implemented and operational to meet 23 NYCRR §500 requirements. CipherTechs will issue an audit report for 23 NYCRR §500 and a client whitepaper for the organization to provide to clients when asked about their 23 NYCRR §500 compliance.