SEC Alert: Plans for Cyber/Data PII Inspections

The SEC is set to begin a second round of exams throughout the country, focusing on now only whether firms have a security policy in place, but whether or not they are actively testing it.  

In this Alert: Topic:  Cybersecurity

Key Takeaways:   OCIE staff will continue its focus on cybersecurity by conducting examinations of registered broker-dealers and investment advisers. The examinations will focus on key topics including governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response.  To assist firms in assessing their cybersecurity preparedness, OCIE has included a sample document request in the Appendix to this Risk Alert.  MORE