Search Results

You are looking at 1 - 3 of 3 items for :

  • "self-assessment guidance" x
  • Financial and monetary sector x
Clear All
International Monetary Fund. Monetary and Capital Markets Department

regulation. The regulation should not prefer or require any specific framework nor specific technology. Based on the discussions the mission facilitated, country examples that could be considered include Canada, Australia, Singapore, or Kenya. Supporting tools, such as the Federal Financial Institutions Examination Council Cybersecurity Assessment Tool or the Office of the Superintendent of Financial Institutions (OSFI) Cyber Security Self-Assessment Guidance could provide valuable input to the development of the cybersecurity principles and supervisory interpretations. 6

International Monetary Fund. Monetary and Capital Markets Department
Cybersecurity risk is embedded in the CBB’s supervisory framework, but additional enhancements are needed to formalize guidance and develop more intensive supervisory practices. Supervisory expectations on cybersecurity are presented in an informal guidance note, which should be formalized into regulation to ensure enforceability; and an IT/cybersecurity supervisory manual should be developed to promote effective and consistent practices. With its principle-based guidance note, the CBB highlights its priorities in strengthening the cybersecurity posture of Belizean financial institutions. The principles are an appropriate interpretation of international best practices on incident prevention, detection, response, and recovery measures, adapted to the cyber maturity of the Belizean financial institutions, and can be used as a foundation for the formalized guidelines. The manual could emphasize the review of cybersecurity strategies, policies, and responsibility specifications and should address obtaining assurance on the effectiveness of the financial institutions’ processes for cyber risk identification, assessment, and mitigation.