We use cookies to track usage and preferences. See Cookie Policy
Pocketmags Digital Magazines
AU
Pocketmags Digital Magazines
   You are currently viewing the Australia version of the site.
Would you like to switch to your local site?
Digital Subscriptions > The Hedge Fund Journal > Issue 125 - August 2017 > National Exam Program Risk Alert

National Exam Program Risk Alert

Observations from cybersecurity examinations

COMMENTARY

SEC’s OFFICE OF COMPLIANCE INSPECTIONS AND EXAMINATIONS (OCIE)1, 7th AUGUST 2017

This Risk Alert provides a summary of observations from OCIE’s examinations of registered broker-dealers, investment advisers, and investment companies conducted pursuant to the Cybersecurity Examination Initiative announced on September 15, 2015.

I. Introduction

In OCIE’s Cybersecurity 2 Initiative, National Examination Program staff examined 75 firms, including broker-dealers, investment advisers, and investment companies (“funds”) registered with the SEC to assess industry practices and legal and compliance issues associated with cybersecurity preparedness.2 The Cybersecurity 2 Initiative built upon prior cybersecurity examinations, particularly OCIE’s 2014 Cybersecurity 1 Initiative.3 However, the Cybersecurity 2 Initiative examinations involved more validation and testing of procedures and controls surrounding cybersecurity preparedness than was previously performed.

The examinations focused on the firms’ written policies and procedures regarding cybersecurity, including validating and testing that such policies and procedures were implemented and followed. In addition, the staff sought to better understand how firms managed their cybersecurity preparedness by focusing on the following areas: (1) governance and risk assessment; (2) access rights and controls; (3) data loss prevention; (4) vendor management; (5) training; and (6) incident response.

In general, the staff observed increased cybersecurity preparedness since our 2014 Cybersecurity 1 Initiative. However, the staff also observed areas where compliance and oversight could be improved. This Risk Alert provides a summary of the staff’s observations from the Cybersecurity 2 Initiative examinations and highlights certain issues observed as well as certain policies and procedures that the staff believes may be effective.4

READ MORE
Purchase options below
Find the complete article and many more in this issue of The Hedge Fund Journal - Issue 125 - August 2017
If you own the issue, Login to read the full article now.
Single Issue - Issue 125 - August 2017
$179.99
Or 17999 points
6 Month Digital Subscription
Only $ 150.00 per issue
SAVE
17%
$749.99
Or 74999 points

View Issues

About The Hedge Fund Journal

Informing the Hedge Fund Community. With access to some of the industry’s biggest names and an astute and talented group of writers and contributors, The Hedge Fund Journal has established itself as a trusted source of information on the hedge fund industry.
Ways to Pay Pocketmags Payment Types
At Pocketmags you get Secure Billing Great Offers HTML Reader Gifting options Loyalty Points