27 February 2024
The Bank of England is working to ensure that the financial sector in the UK is resilient to any disruptions to its operations. The financial sector includes banks, building societies, insurers, and financial market infrastructure providers (FMIs). They carry out this work together with the UK’s two other financial authorities: HM Treasury and the Financial Conduct Authority.
Operational disruption to important business services could impact financial stability, threaten the safety and soundness of individual firms and financial market infrastructures (FMIs), and cause harm to consumers and other market participants in the financial system. In this context, firms and FMIs should assess their cyber risk and build adequate resilience capabilities to prepare for, and respond to, cyber events and incidents that could cause operational disruption.
As a result of this mandate the Bank of England has introduced several programs and tools (CBEST and CQUEST) that allow financial organisations to benchmark their cyber technological and security operational resilience. In this whitepaper, we provide an overview of the CQUEST assessment questionnaire and guidance on managing and demonstrating compliance.
