CRI Profile Compliance
Operationalize the Cyber Risk Institute (CRI) Profile to align governance, risk, and compliance programs — simplifying assessments, evidence management, and regulatory reporting across financial services.
Solution Overview
The CRI Profile Compliance solution enables financial institutions to operationalize the Cyber Risk Institute (CRI) Profile within SmartSuite — uniting cybersecurity, risk, and compliance management in one connected system.
SmartSuite simplifies alignment to the FFIEC Cybersecurity Assessment Tool (CAT), NIST Cybersecurity Framework (CSF), and other regulatory expectations by linking each CRI function, category, and sub-category to your internal controls, policies, and evidence.
Automated workflows guide teams through self-assessments, gap analyses, and remediation tracking, ensuring continuous readiness for audits and regulatory exams.
SmartSuite’s unique position as the platform used by the Cyber Risk Institute itself ensures that institutions can leverage the same operational framework trusted by leading banks and regulators.
Core Capabilities
SmartSuite’s CRI Profile Compliance solution delivers structured, repeatable workflows to help institutions measure, report, and demonstrate compliance with cybersecurity and regulatory standards.
CRI Profile Alignment
Map and track all CRI functions, categories, and sub-categories with corresponding internal controls and policies.
Gap Analysis & Scoring
Identify maturity levels and gaps across CRI sections with configurable scoring models.
Control & Evidence Management
Link controls, upload evidence, and document validation outcomes for each requirement.
Regulatory Cross-Mapping
Automatically align CRI requirements to frameworks like NIST CSF, FFIEC, ISO 27001, and SOC 2.
Assessment & Review Workflows
Assign owners, collect responses, and track review progress across departments.
Remediation Tracking
Create and monitor action plans for identified deficiencies.
Dashboard & Reporting
View readiness summaries, trend reports, and exam-ready documentation exports.
The CRI Profile Lifecycle
SmartSuite supports the complete CRI Profile lifecycle — from initial assessment through remediation and continuous improvement — enabling institutions to demonstrate cybersecurity maturity and regulatory alignment.
Assess
Complete CRI Profile self-assessment across functions and categories.
Map & Validate
Align controls and policies to CRI and NIST/FFIEC frameworks.
Remediate
Address identified gaps and assign remediation tasks.
Monitor
Track control performance and evidence updates.
Report
Generate audit-ready reports and regulatory submissions.
Who Uses This Solution
The CRI Profile Compliance solution supports risk, cybersecurity, and compliance professionals within financial services organizations who must demonstrate adherence to industry and regulatory expectations.
Plans and oversees assessment campaigns.
Links assessment outcomes to enterprise risks.
Verifies version control and policy attestations for audit evidence.
Connected GRC Ecosystem
SmartSuite solutions form a unified GRC architecture. ERM connects with related solutions to synchronize data, workflows, and reporting.
Artificial Intelligence
SmartSuite's AI generates insights, summarizes complex results, and predicts risks within existing workflows to support proactive decisions.
Detect patterns across registers, incidents, and control failures; generate mitigation recommendations.
Automations
Use SmartSuite's no-code engine to eliminate repetitive tasks and ensure accountability across risk operations.
Detect patterns across registers, incidents, and control failures; generate mitigation recommendations.
Integrations
Integrate with the tools your teams use every day. Keep controls, incidents, and risk data in sync through prebuilt connectors and open APIs.
Detect patterns across registers, incidents, and control failures; generate mitigation recommendations.
Frequently Asked Questions
Answers to common questions about SmartSuite’s pricing models, plan options, and onboarding programs.
SmartSuite offers four plan types: Team, Pro, Enterprise, and Signature.
- Team, Pro, and Enterprise Plans use a per-user pricing model with feature and usage limits designed to scale as your organization grows.
- Signature Plan provides per-solution pricing for enterprises that need to license specific SmartSuite Solutions — such as GRC, ITSM, or Procurement — for large user populations with advanced governance and support requirements.
You can start by filling out the partner program registration form here.
By signing up to the Service Provider Partner Program you agree to our terms and conditions.
There is no cost. However, there are additional eligibility requirements to join.
First, you must be a customer of SmartSuite to be eligible to participate in the Service Provider Partner program. We believe it is important for all of our partners to be active SmartSuite users (minimum 5 active account members). It’s difficult to recommend a SaaS product that you do not see value in using yourself!
Additionally, you must have 15+ employees and $1.5M in annual revenue to join our network of solution partners.
You will be able to work leads through your sales process to a closed-won or closed-lost state.
You will be able to work leads through your sales process to a closed-won or closed-lost state.
Discover the Power of Connected GRC
Break down silos, improve collaboration, and streamline compliance. SmartSuite helps GRC teams achieve more — with integrated data, automation, and a shared source of truth across the organization.