Warning: Trying to access array offset on value of type bool in /home/levick/www/www/wp-content/plugins/elementor-pro/modules/dynamic-tags/tags/post-featured-image.php on line 36

Warning: Trying to access array offset on value of type bool in /home/levick/www/www/wp-content/plugins/elementor-pro/modules/dynamic-tags/tags/post-featured-image.php on line 36

Warning: Trying to access array offset on value of type bool in /home/levick/www/www/wp-content/plugins/elementor-pro/modules/dynamic-tags/tags/post-featured-image.php on line 36

Warning: Trying to access array offset on value of type bool in /home/levick/www/www/wp-content/plugins/elementor-pro/modules/dynamic-tags/tags/post-featured-image.php on line 36
Cyber Risk Institute Expands Its Profile – LEVICK
Fixing the ImpossiBle
24/7 (202) 973-1300   

Cyber Risk Institute Expands Its Profile


Warning: Trying to access array offset on value of type bool in /home/levick/www/www/wp-content/plugins/elementor-pro/modules/dynamic-tags/tags/post-featured-image.php on line 36

The Cyber Risk Institute (CRI) expanded its offerings for a vital segment of the financial services sector: insurers and the insurance industry.

Washington D.C. — On Nov. 12, 2020, the Cyber Risk Institute (CRI) released an update to its Profile to expand the Profile’s offerings and increase its utility for a vital segment of the financial services industry – insurers and the insurance industry. This Version 1.1 incorporates the National Association of Insurance Commissioners (NAIC) Financial Condition Examiners Handbook (sometimes referred to as the NAIC IT Handbook) updates, particularly updates to its Exhibit C: EVALUATION OF CONTROLS IN INFORMATION TECHNOLOGY (IT). Additionally, Profile v1.1 now includes a full suite of “Informative References” for the functions “Governance” and “Supply Chain/Dependency Management,” better connecting those functions and related diagnostics to widely used industry standards such as ISO, COBIT and NIST 800-53.

CRI Managing Director Josh Magri characterized the release of Version 1.1 as a great “next step” in the development of the Profile. “CRI is always working to improve and amplify the Profile by integrating new elements — but I am especially pleased that for our first update, we are adding guidance which is used across the insurance industry. This clearly demonstrates the flexibility of the Profile, and in certain ways, is a symbol of what is to come: we aren’t limited to one portion of the sector.”

The NAIC Handbook “offers specific instructions and suggestions for carrying out each individual phase of examination” and the inclusion of Exhibit C and amendments in the Profile eases the ability of these users to ensure they’re meeting their cybersecurity and IT requirements. Because NAIC managed this mapping to the Profile directly, the inclusion of the Handbook’s Exhibit C reflects the progressive approach that the NAIC has taken toward supporting industry compliance efforts, and their confidence in the Profile. It also provides Profile users certainty in the matching of the Profile diagnostic statements to regulator intent…Read more

More Posts

My Old Man

“My father used to play with my brother and me in the yard. Mother would come out and say, ‘You’re tearing up the grass.’ ‘We’re

History is Calling

Photo from The Anne Frank House, modified for LEVICK blog “Give of yourself…you can always give something, even if it is only kindness…no one has

Loss & Hope

“Ah death. A change of clothes.” – The Dalai Lama What we remember are the stories. It is what holds us together. Families. Communities. Countries.