OCIE OFFERS CYBERSECURITY AND RESILIENCY OBSERVATIONS

OCIE has now issued examination observations related to cybersecurity and operational resiliency practices taken by investment advisers and other market participants. With examples, the observations included governance and risk management, access rights and controls, data loss prevention, mobile security, incident response and resiliency, vendor management, and training and awareness. Members are encouraged to incorporate these observations in their cybersecurity assessments. A copy of the examination guidance can be found here.