FRAMEWORK DETAIL

CRI Profile

A financial services-focused cybersecurity profile that consolidates expectations into a practical, assessable set of diagnostic statements - and operationalizes them in SmartSuite.

Explore CRI Profile
arrow_forward
See Control Mapping
arrow_forward

SmartSuite provides the system for managing controls, evidence, mappings, assessments, and reporting.
Framework text may require a separate license unless explicitly provided.

OVERVIEW

What is the CRI Profile?

The CRI Profile is a cybersecurity and resilience framework created for the financial sector. It consolidates regulatory and supervisory expectations into a single, practical structure that organizations can use to assess their program consistently and communicate results in a common language.

CRI is organized around seven functions - Govern, Identify, Protect, Detect, Respond, Recover, and Extend - and expresses expectations as diagnostic statements that can be tested, tracked, and improved over time. This makes it well suited for programs that need repeatable assessments, clear ownership, and audit-ready evidence.

In SmartSuite, CRI Profile becomes a living controls program: you map internal controls to CRI diagnostic statements, link evidence and testing, track issues and remediation, and report readiness by function, tier, system, business unit, or audit period.

AT A GLANCE
Framework snapshot

A quick reference you can keep consistent across every framework page.

  • auto_stories
    Publisher
    Cyber Risk Institute (CRI)
  • globe_location_pin
    Region / scope
    Global (financial sector)
  • contract
    Requirements
    318 diagnostic statements
  • stacks
    Framework type
    7 functions (Govern, Identify, Protect, Detect, Respond, Recover, Ex
  • task_alt
    Current version
    Profile v2.x
CROSSWALKS

Crosswalks and mappings

A major benefit of CRI is the crosswalk. CRI publishes mapping resources so teams can start with CRI as a baseline and demonstrate alignment to additional frameworks and references - without rebuilding their program from scratch.

Americas Argentina

Learn More
arrow_forward
Americas Brazil LGPD

Learn More
arrow_forward
Americas Canada CSAG

Learn More
arrow_forward
SMARTSUITE

How SmartSuite supports this framework

Operationalize this framework as a living controls program - not a one-time assessment.

download_done

Controls library as the system of record

Define owners, cadence, scope, and status for every control.

download_done

Map controls to framework requirements

Maintain coverage notes and traceability without duplicating work.

download_done

Evidence workflows

Request, collect, review, and refresh evidence on a schedule.

download_done

Assessments and testing cycles

Run recurring tests and assessments with clear status and reviewers.

download_done

Issues and remediation tracking

Route exceptions to owners, manage SLAs, and track closure evidence.

download_done

Dashboards and reporting

Roll up coverage, gaps, and readiness by domain, owner, and period.

RESOURCES

Official CRI resources

Use these authoritative CRI resources to guide implementation and keep mappings current.

CRI Profile Guidebook
Overview of the Profile, structure, intended use, and implementation guidance.
View
chevron_forward

Related frameworks

Common frameworks and references teams map to when CRI is used as the baseline.

Americas Argentina

Learn More
arrow_forward
Americas Brazil LGPD

Learn More
arrow_forward
Americas Canada CSAG

Learn More
arrow_forward
ONBOARDING FAQS

Frequently Asked Questions About
Services Offerings

Can I connect SmartSuite to something that isn’t on your integrations list?

Can I connect SmartSuite to something that isn’t on your integrations list?

Do I need other accounts or API keys in order to access tools in SmartSuite?

Do I need other accounts or API keys in order to access tools in SmartSuite?

How can SmartSuite give me better data coverage and pricing than Zoominfo or other data providers?

How can SmartSuite give me better data coverage and pricing than Zoominfo or other data providers?

NEXT STEP

Turn ESG Goals into Measurable Business Outcomes

SmartSuite helps you centralize ESG data, automate reporting, and collaborate across departments. Break down silos between sustainability, compliance, and operations to drive accountability and impact.

Explore in SmartSuite
chevron_forward
View all Frameworks
chevron_forward