The NIST Cybersecurity Framework, created through collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure through effective information security management. https://www.nist.gov/cyberframework
FS-ISAC collaborated with members of the Financial Services Sector Coordinating Council (FSSCC) on an automated tool to assist financial institutions of all sizes to collect and score their responses to the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool.
ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS), a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process, and can help small, medium and large businesses in any sector keep information assets secure.
Drawing upon the NIST cybersecurity framework, as well as other industry and government resources, SIFMA has composed a guidebook and checklist tailored to small firms.
FINRA has created a checklist to assist small firms in establishing a cybersecurity program.