What Financial Advisory Firms Need To Know About Cyber Security To Pass OCIE Exams Hot

0.0 (0)
Write Review

In April 2014, OCIE published a Risk Alert announcing a series of examinations to identify cybersecurity risks and assess cybersecurity preparedness in the securities industry.

In February 2015, OCIE published summary observations of the findings from these examinations, which discussed some of the legal, regulatory, and compliance issues associated with cybersecurity.

Given the continued importance of cybersecurity and the positive response from broker-dealers and advisers on OCIE’s efforts, OCIE announced a focus on cybersecurity compliance and controls as part of its 2015 Examination Priorities. OCIE is issuing this Risk Alert to provide additional information on the areas of focus for OCIE’s second round of cybersecurity examinations, which will involve more testing to assess implementation of firm procedures and controls.


Examiners will gather information on cybersecurity-related controls and will also test to assess implementation of certain firm controls. In order to promote better compliance practices and inform the Commission’s understanding of cybersecurity preparedness, this Initiative will focus on the following areas:

  1. Cyber Security Assessment
  2. Access Rights & Controls per Employee
  3. Vendor Management
  4. Cyber Security Training
  5. Incidence Response Plan
  6. Data Loss Prevention which Includes Managed Security and Disaster Recovery

You can find more information regarding OCIE’s 2015 Cybersecurity Examination here: http://www.sec.gov/ocie/announcement/ocie-2015-cybersecurity-examination-initiative.pdf

This Website Is For Financial Professionals Only

User reviews

There are no user reviews for this listing.
Already have an account? or Create an account