Cybersecurity Assessment

Cybersecurity Assessment
Software

Simplify your cybersecurity self-assessment process

Watch a Demo Get Free Version

Complete cybersecurity self-assessments in an easy, efficient, and repeatable way.

Tandem streamlines the compliance process, helping you benchmark and assess your organization's security posture against common cybersecurity control frameworks.

Frameworks

Easily complete your cybersecurity self-assessments based on frameworks like the NIST Cybersecurity Framework (CSF), CISA Cybersecurity Performance Goals (CPGs), Texas Cybersecurity Framework (TCSF), and more. See the FAQ section for a full list of supported frameworks.

Dashboards & Reports

Explore clear and intuitive dashboards that give you a comprehensive snapshot of your cybersecurity assessments. Use the built-in reports to gain key insights into your control status and help ensure everything is on track.

Peer Analysis

Gain perspective into your assessment results by anonymously comparing your results with more than 1,100 other organizations who have completed their cybersecurity self-assessments with Tandem.

Gap Analysis

Create an action plan to improve your cybersecurity maturity based on the target status set for each control. Assign tasks to ensure follow-through on action items, helping promote continuous improvement in your overall maturity.

Attach Evidence

Upload file attachments to each control with Tandem Cybersecurity Assessment Pro. Storing your documentation in this way helps validate your answers. Export the attachments, along with your assessment in a ready-to-go .zip folder.

Custom Documents

Effortlessly generate consistent, professional documents to share with your team. Choose from pre-designed templates or create your own documents by selecting the information that matters most to you and your stakeholders. These customizable documents are available in Microsoft Word, Microsoft Excel, and Adobe PDF formats.

Control Mappings

Use the control mapping feature to view the status of a control and optionally import answers across assessments. These cross-framework comparisons are designed to help you determine the current status for your controls based on relevant insights and historical data.

Management Tools

Simplify your workload by using Tandem's assessment management tools. Delegate responsibility for categories or controls, schedule follow-up tasks and notifications, and copy previous assessments when it's time for an update.

Features
Free
Request Access
Pro
Get a Quote
Conduct cybersecurity assessments based on a variety of common frameworks
Set a target status for each control to help benchmark and evaluate control maturity
Create an action plan to help you respond to gaps in the assessment
Run various reports to model data in an easy-to-read format
Optionally participate in peer analysis to anonymously compare self-assessment results with other organizations
Review industry guidance and control mappings to see cross-framework insights
Create tasks to notify self-assessment collaborators of responsibilities
Create a new assessment by copying a previously completed self-assessment
Automatically import your self-assessment answers based on the control status from mapped frameworks
Assign user access to specific categories and controls
Share your assessments securely by granting read-only access to users
Upload file attachments to validate control status
Create and modify custom documents to export data in presentation-ready documents
Filter peer data by regulatory body and asset size
Export peer data in easy-to-share formats
Flag controls for follow-up to ensure accuracy
Use the revision and approval log to track updates and the assessment's approval date

Features

Free

See More Request Access

Pro

See More Get a Quote
Are you interested in
Cybersecurity Assessment Software?
Watch a Demo Get Free Version
"The Tandem Business Continuity Planning software has streamlined how we manage business continuity for our bank. Before Tandem, we lost files and had to update and make changes to a Word document. This software has helped us focus on the important aspects of business continuity and made it easier to update, train, and report to our Board of Directors."
Brandi Shiflett, EVP
Senior Operations Officer
North Dallas Bank & Trust Co in Dallas, TX
"Tandem’s Business Continuity Planning software is a strong program that integrates well with Tandem’s Vendor Management software. It provides good reports for our Board of Directors and Management. It is easy to update, and I am able to access it from anywhere… even on my phone."
James Tipton, EVP
Enterprise Risk Manager
North Dallas Bank & Trust Co. in Dallas, TX
"Tandem's Business Continuity Planning software has given us the direction we needed to establish good processes for our organization."
Ron Dittmann
VP of IT
Texas Trust Credit Union in Mansfield, TX
"Tandem is an excellent product that I highly recommend. It has helped us to fill the gaps regarding our BCP and Risk Assessments. It was a major help with our last NCUA exam with the addition of the ACET request list. I have nothing but great things to say about Tandem!"
Crystal Woodward-Smith
Compliance Officer
Hope Federal Credit Union in Jackson, MS
"First, I want to thank Tandem for being such a great partner of ours. We are extremely grateful for the tools you have provided. Particularly, your BCP program and the employee alert system. As of right now that is our main communication system for most of our employees."
"Tandem is extremely easy to use. I just started in the system (in earnest) and was able to quickly navigate through the steps. It’s very logical, comprehensive and I’m hopeful it will result in easier reports and exams. It’s a phenomenal option for a bank our size."
Robin Banell
VP of Compliance, Internal Control Officer
F & M Bank in Edmond, OK
"Thanks for all that you folks do to support and improve the software. We’ve been impressed with Tandem since day one; especially the responsiveness of the support and development teams with our needs and requests for new features. Thanks for all you do."
"We are so happy to have a partner like Tandem. Your products help our community bank compete with larger, regional and national banks without the expense of a huge staff."
Chris Manus
Information Technology Manager
Citizens Bank in Carthage, TN
"Tandem Vendor Management has made the process for collecting and tracking documents a breeze. The Vendor Management system is easy to use, yet quite powerful software. The software has saved us time from old spreadsheets and a manual vendor review process. I would highly recommend any organization to this system."
Kyle Moreland
Compliance Officer
Johnson City Bank in Johnson City, TX
"We started using Tandem for our vendor management program in late 2014. Right from the start we found the software easy to use and perfect for our needs. Their support team is responsive and friendly and continues to exceed our expectations. We find the free training sessions, videos, and knowledge base extremely helpful. Tandem has been a great business partner and it is a pleasure to work with them."

Frequently Asked Questions

Template frameworks currently supported in the Tandem Cybersecurity Assessment product include:

  • CISA Cybersecurity Performance Goals (CPGs)
  • CISA IT Sector-Specific Goals (SSGs)
  • FDIC Information Technology Risk Examination (InTREx)
  • FFIEC Cybersecurity Assessment Tool (CAT)
  • NCUA Automated Cybersecurity Evaluation Toolbox (ACET)
  • NCUA Information Security Examination (ISE)
  • NIST Cybersecurity Framework (CSF)
  • OCC Cybersecurity Supervision Work Program (CSW)
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Texas Cybersecurity Framework (TCSF)

Other frameworks not included as templates may be added or imported by the user (e.g., CRI Profile, CIS Controls). Additional template frameworks are coming soon.

When selecting a cybersecurity framework, it can be helpful to consider factors like:

  • Is the framework easy to understand?
  • Is the framework easy to implement?
  • Is the framework cost friendly?
  • Is the framework familiar to your stakeholders (e.g., Board, examiners, etc.)?
  • Is the framework easy to report?

While each financial institution’s needs and expectations may vary, understanding the extent to which a framework ticks these checkboxes is vital.

To learn more about this topic, check out our blog: What Framework Do I replace the FFIEC CAT with?

The peer analysis feature uses anonymous aggregate peer data to show how you compare with other Tandem customers in this ever-evolving cyber landscape. You can choose to include or exclude your data in the anonymous peer data set at any time.

With Cybersecurity Assessment Pro, you can filter peer results by regulatory body and asset size.

Yes. Tandem Support is available 8:00 AM – 5:00 PM (CT), Monday through Friday to answer your questions about Tandem application features.

You are also invited to attend our annual KEYS conference to connect with other users and learn from Tandem experts.

For cybersecurity consulting, check out our partners. Tandem partners can assist with item such as:

  • Annual cybersecurity training for your Board of Directors
  • Assistance with reporting your cybersecurity assessment results to the Board
  • Consulting services, related performing cybersecurity self-assessments
  • Employee training on the Tandem Cybersecurity Assessment product

Tandem is pleased to offer complimentary training webinars each month for our customers. These webinars are recorded and available on-demand.

A Knowledge Base is available with articles to help you learn about Tandem. You can stay up to date on our latest features by subscribing to our Software Update emails.

Product training is also available by request for an additional fee.

Yes. Tandem maintains high marks through the following testing: SSAE 18 SOC 1 Type 2, internal audits and assessments, quarterly penetration tests.

Security controls include:

  • Secure data transmission between your browser and your servers
  • Data encrypted at rest using AES-256
  • User passwords are hashed and salted
  • Datacenter protected by firewall and intrusion detection/prevention systems (IDS/IPS)
  • Redundant internet connections
  • Multifactor authentication options
  • Single Sign On (SSO) integration using SAML 2.0
  • IP address restrictions
  • User activity log
  • User access roles/restrictions

Tandem products are delivered via the internet as Software-as-a-Service (SaaS) applications. Tandem can be accessed from any device with a modern web browser. No software installation or special equipment is required.

New features and updates are included with your annual subscription and are automatically available. Each new feature is documented in our Software Updates blog.

Yes. All Tandem products are available under the same secure website.

Some frameworks include references to areas of Tandem (e.g., Policies, Business Continuity Plan, Vendor Management, etc.) where the control may be addressed, if using Tandem recommended content.

Yes. With a single login you can manage several companies' cybersecurity assessments (requires a subscription for each company).

Tandem Products

Audit Management
Business Continuity Planning
Compliance Management
Cybersecurity Assessment
Identity Theft Prevention
Incident Management
Internet Banking Security
Phishing
Policies
Risk Assessment
Vendor Management

Ready to see what Tandem can do for you?

Watch a Demo