Skip to content
  • There are no suggestions because the search field is empty.

Compliance Reports: Federal Financial Institutions Examination Council (FFIEC)

The Federal Financial Institutions Examination Council (FFIEC) is a body of the United States government empowered to prescribe principles, standards, and report forms for the federal examination of financial institutions by the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), Mergers & Acquisitions International Clearing (MAIC), and the Consumer Financial Protection Bureau (CFPB).

Dependencies

The FFIEC compliance reports depend on the following RSA NetWitness Rules.

  • Column 1:

    Accounts Created

    Accounts Deleted

    Accounts Modified

    Accounts Enabled

    Admin Access to Compliance Systems Details

    Admin Access to Compliance Systems Summary

    Encryption Failures

    Failed Escalation of Privileges Details

  • Column 2:

    Failed Escalation of Privileges Summary

    Failed Remote Access Details

    Failed Remote Access Summary

    Firewall Configuration Changes

    Logon Failures Details

    Logon Failures Summary

    Password Changes

    Password Changes Summary

  • Column 3:

    Router Configuration Changes

    Successful Escalation of Privileges Details

    Successful Escalation of Privileges Summary

    Successful Remote Access Details

    Successful Remote Access Summary

    User Access Revoked


Citations

The FFIEC reports have the following Citations.

  • Report Rule: Escalation of Privileges - Detail
    Escalation of Privileges - Top 25
  • Citation Number: Exam Tier I Obj 4.1, Exam Tier II Obj A.1 (Access Rights Administration)
  • Citation Description: Evaluate Authentication and Authorization;Evaluate Authentication and Access Controls

  • Report Rule: User Access Revoked
  • Citation Number: Exam Tier I Obj 4.1, Exam Tier II Obj A.1 (Access Rights Administration)
  • Citation Description: Evaluate Authentication and Authorization;Evaluate Authentication and Access Controls

  • Report Rule: Logon Failures - Detail
  • Citation Number: Exam Tier II Obj A.7(Authentication),Exam Tier II Obj B.7
  • Citation Description: Evaluate Authentication and Access Controls;Evaluate Network Security

  • Report Rule: Logon Failures - Top 25
  • Citation Number: Exam Tier II Obj A.7(Authentication),Exam Tier II Obj B.7
  • Citation Description: Evaluate Authentication and Access Controls;Evaluate Network Security

  • Report Rule: Admin Access to Compliance Systems - Detail
  • Citation Number: Exam Tier I Obj 4.1;Exam Tier II Obj A.2 (Authentication); Exam Tier II Obj A.4 (Access Rights Administration)
  • Citation Description: Evaluate Authentication and Authorization;Evaluate Authentication and Access Controls

  • Report Rule: Admin Access to Compliance Systems - Top 25
  • Citation Number: Exam Tier I Obj 4.1;Exam Tier II Obj A.2 (Authentication);Exam Tier II Obj A.4 (Access Rights Administration)
  • Citation Description: Evaluate Authentication and Authorization;Evaluate Authentication and Access Controls

  • Report Rule: Password Changes - Detail
    Password Changes - Top 25
  • Citation Number: Exam Tier I Obj 4.1,Exam Tier II Obj A.4(Authentication)
  • Citation Description: Evaluate Authentication and Authorization;Evaluate Authentication and Access Controls

  • Report Rule: Firewall Configuration Changes
  • Citation Number: Exam Tier II Obj B.10,Exam Tier II Obj M.4
  • Citation Description: Evaluate Network Security;Evaluate Security Monitoring

  • Report Rule: Router Configuration Changes
  • Citation Number: Exam Tier II Obj B.10,Exam Tier II Obj M.4
  • Citation Description: Evaluate Network Security;Evaluate Security Monitoring

  • Report Rule: Successful Remote Access - Detail
  • Citation Number: Exam Tier II Obj B.17
  • Citation Description: Evaluate Network Security

  • Report Rule: Successful Remote Access - Top 25
  • Citation Number: Exam Tier II Obj B.17
  • Citation Description: Evaluate Network Security

  • Report Rule: Failed Remote Access - Detail
  • Citation Number: Exam Tier II Obj B.17
  • Citation Description: Evaluate Network Security

  • Report Rule: Failed Remote  Access - Top 25
  • Citation Number: Exam Tier II Obj B.17
  • Citation Description: Evaluate Network Security

  • Report Rule: Successful Use of Encryption
  • Citation Number: Exam Tier I Obj 4.1
  • Citation Description: Evaluate Authentication and Authorization

  • Report Rule: Encryption Failures
  • Citation Number: Exam Tier I Obj 4.1
  • Citation Description: Evaluate Authentication and Authorization

  • Report Rule: Accounts Created
  • Citation Number: Exam Tier I Obj 4.1
  • Citation Description: Evaluate Authentication and Authorization

  • Report Rule: Accounts Modified
  • Citation Number: Exam Tier I Obj 4.1
  • Citation Description: Evaluate Authentication and Authorization

  • Report Rule: Accounts Deleted
  • Citation Number: Exam Tier I Obj 4.1
  • Citation Description: Evaluate Authentication and Authorization

  • Report Rule: Account Management
  • Citation Number: Exam Tier I Obj 4.1
  • Citation Description: Evaluate Authentication and Authorization

docFeedback.png

You are here
Table of Contents > Compliance Reports: Federal Financial Institutions Examination Council (FFIEC)