OCIE Publishes Risk Alert Summarizing Observations from Recent Cybersecurity Examinations

On August 7, 2017, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert summarizing its observations from cybersecurity preparedness examinations conducted of 75 broker-dealers, investment advisers and investment companies.1 These exams are part of OCIE’s Cybersecurity 2 Initiative. The examinations focused on six particular areas: (1) governance and risk assessment; (2) access rights and controls; (3) data loss prevention; (4) vendor management; (5) training; and (6) incident response. …

ocie