Framework program
NYDFS Cybersecurity Regulation evidence template.
This is a reusable framework module. It defines source authority, native identifier patterns, collector fit, expected evidence, manual evidence gates, and deployment posture before any client project is created.
planned23 NYCRR Part 500 with Second Amendment effective 2023-11-01NYDFS 500
Template status
planned
New York Department of Financial Services
Seed rows
5
Source-native requirement rows
Native examples
4
Stored without normalization loss
Collectors
4
document, configuration, api, manual-upload
Deployment fits
3
SaaS, private, appliance, runner
Native source contract
Keep the framework’s identifiers intact
500.2
Evidence maps to this native reference first, then to any shared ControlFrame control spine or cross-framework reuse.
500.7
Evidence maps to this native reference first, then to any shared ControlFrame control spine or cross-framework reuse.
500.12
Evidence maps to this native reference first, then to any shared ControlFrame control spine or cross-framework reuse.
500.17
Evidence maps to this native reference first, then to any shared ControlFrame control spine or cross-framework reuse.
Automated evidence
Collector lanes to build
MFA/access-control evidence
asset inventory evidence
vulnerability management evidence
audit-trail/logging evidence
incident notification workflow evidence
Manual or human-gated evidence
Do not fabricate these artifacts
board/governance approvals
certification of compliance
risk assessment
incident response and BCDR plan
third-party service provider policy