Artefacts

We aim to deliver sectorwide operational resilience improvements to benefit the safety and security of customers through trusted and effective collaboration

Welcome to the CMORG Artefact library

This brings together all CMORG outputs that are accessible to industry participants. You can register to access all of these here, but to receive a response, you must provide an industry email address and be a direct industry participant.

Filter by:

Third Party
Scenario Testing of Critical Third Parties
A common approach to scenario testing of critical third parties in order to address the challenge common providers have of multiple assurance engagements with diverse financial institutions.
Third Party
System integrity Reconnection Framework
Guidance to the UK financial sector to aid the process of resuming business and safely reconnecting an organisation that has been technically quarantined after suffering a material cyber incident.
Payments
Payments Prioritisation (Retail)
Common definitions of critical GBP retail payments to support prioritisation across the sector during severe but plausible operational disruption.
Technology and cyber
Log4J Lessons Learned
Sector learnings from the Log4j incident to optimise the approaches undertaken by larger firms and support capability building across the wider sector.
Technology and cyber
Third Party Information Security Management
Guidance in conjunction with the NCSC on managing third party information security to minimise the risk that an inconsistent or outdated approach leaves the sector more vulnerable to attacks.
Technology and cyber
Data Vaulting Reference Architecture
Best practice approach in which data is captured and reused in response to malicious data destruction events using a cloud hosted data vault.
Payments
Payments Prioritisation (Wholesale)
Common definitions of critical GBP wholesale payments to support prioritisation across the sector during severe but plausible operational disruption.
Technology and cyber
Cloud Control Framework
A cloud framework to support consistent adoption of controls and practices across shared accountability models between FS firms and Cloud Services Providers.
Technology and cyber
Security in the Cloud
Guidance on how to plan and implement security in the Cloud to optimise the approach undertaken by CMORG firms and support capability building across the wider sector.