Following on from the development of the original guidance produced in 2021, this document provides an update to firms on the guidance to implementing operational resilience.

This artefact emphasises the urgency of managing quantum risk and aligns with the UK National Cyber Security Centre’s (NCSC) guidance for the financial sector which is transitioning towards quantum-safe cryptographic practice.

The Supplier Risk Assurance Framework was designed to develop a third-party assurance scale as a practical tool to help firms assess the cyber security risk of their third parties and ensure appropriate levels of risk-based control.

This artefact was formulated to establish a standardised template and associated guidance for exit strategies concerning material and high-impact suppliers as part of an organisation’s Third Party Risk Management framework and associated Business Continuity and Disaster Recovery measures.

The DSL is designed to be a shared resource which contains a catalogue of categorised and individually described scenarios, constructed using a common design methodology.

This artefact was developed to promote good practice guidance on how to plan and implement security in the Cloud to optimise the approach undertaken by CMORG firms and support capability building across the wider sector.

Developed to provide industry expertise on managing resilience risks through the lifecycle of a third-party engagement, optimising the approaches undertaken by larger firms and supporting capability building across the wider sector.

A common approach to scenario testing of critical third parties to address the challenge common providers have of multiple assurance engagements with diverse financial institutions.

The principles in this artefact relate to the substitution of a business service.