4C Security


ACET is an automated tool required for Credit Unions by the NCUA to measure their inherent risk profile and test maturity across five domains including cyber risk management and oversight, threat intelligence and collaboration, cybersecurity controls, external dependency management, and cyber incident management and resilience.

Credit Unions must maintain an ongoing information security risk assessment program that effectively:

  • Gathers data regarding the information and technology assets of the organization, threats to those assets, vulnerabilities, existing security controls and processes, and the current security standards and requirements
  • Analyzes the probability and impact associated with the known threats and vulnerabilities to their assets
  • Prioritizes the risks present due to threats and vulnerabilities to determine the appropriate level of training, controls, and assurance necessary for effective mitigation

A strategy should be developed that defines control objectives & establishes an implementation plan. Security strategies should include:

  • Appropriate consideration of prevention, detection, and response mechanisms
  • Implementation of the least permissions and least privileges concepts
  • Layered controls that establish multiple control points between threats and organization assets
  • Policies that guide officers and employees in implementing the security program


  • As the preferred cybersecurity partner of CUNA, we have served many small to mid-sized financial institutions and have been held to the same stringent compliance regulations as many of our clients.

  • We deliver technology that offers a holistic view of security across your company, not just a single technology area.

  • Compliance reporting is much easier with flexible and easy data acquisition across your entire security architecture.

  • We help streamline and centralize your monitoring and management. This means your IT teams are more efficient and free to perform functions that increase your overall security.

  • We lessen the strain of technical and human resource complexity so you can continue to grow and add new services while being safe in the knowledge your defenses are stronger than ever.

  • Supplement with consulting services to define and test your information security program.


Discover how 4C can help you meet and maintain your cyber compliance.


An overview of the ACET and how you can best prepare

Starting in 2020, the National Credit Union Administration (NCUA) will require credit unions with assets in excess of $250M to use ACET – their cybersecurity assessment tool for determining the security posture of credit unions. The time to prepare is now.

This guide contains:

  • Overview of the ACET’s Inherent Risk Profile
  • Discussion of cybersecurity maturity assessment
  • Tips for completing the ACET
  • Ways 4C can help