Secure Controls Framework
Download The SCF
NY DFS Part 500

What is the CISO role under NY DFS Part 500?

Direct Answer

NY DFS Part 500 requires each covered entity to designate a qualified Chief Information Security Officer (CISO) responsible for overseeing and implementing the cybersecurity program. The CISO must report at least annually to the board of directors or a senior officer. The CISO function can be fulfilled by a third-party service provider, but the covered entity retains accountability.

Keep Exploring

Relevant Resources

References

Authoritative Sources