What Financial Advisory Firms Need To Know About Cyber Security To Pass OCIE Exams

Tuesday, September 22, 2015 14:50
edit
What Financial Advisory Firms Need To Know About Cyber Security To Pass OCIE Exams

Tags: cyber security | cybersecurity | OCIE Exam

 In March 2014, the SEC sponsored a Cybersecurity Roundtable where SEC Commissioners and staff, along with industry representatives, underscored the importance of cybersecurity to the integrity of the market system and customer data protection.

This Website Is For Financial Professionals Only


In April 2014, OCIE published a Risk Alert announcing a series of examinations to identify cybersecurity risks and assess cybersecurity preparedness in the securities industry.

In February 2015, OCIE published summary observations of the findings from these examinations, which discussed some of the legal, regulatory, and compliance issues associated with cybersecurity.

Given the continued importance of cybersecurity and the positive response from broker-dealers and advisers on OCIE’s efforts, OCIE announced a focus on cybersecurity compliance and controls as part of its 2015 Examination Priorities. OCIE is issuing this Risk Alert to provide additional information on the areas of focus for OCIE’s second round of cybersecurity examinations, which will involve more testing to assess implementation of firm procedures and controls.

INFORMATION OCIE WILL BE LOOKING FOR IN EXAMS:

Examiners will gather information on cybersecurity-related controls and will also test to assess implementation of certain firm controls. In order to promote better compliance practices and inform the Commission’s understanding of cybersecurity preparedness, this Initiative will focus on the following areas:

  1. Cyber Security Assessment
  2. Access Rights & Controls per Employee
  3. Vendor Management
  4. Cyber Security Training
  5. Incidence Response Plan
  6. Data Loss Prevention which Includes Managed Security and Disaster Recovery

You can find more information regarding OCIE’s 2015 Cybersecurity Examination here: http://www.sec.gov/ocie/announcement/ocie-2015-cybersecurity-examination-initiative.pdf

Comments (0)

Write comment

You must be logged in to post a comment. Please register if you do not have an account yet.

busy