The Good and the Bad from OCIE’s Cyber Examinations and What Firms Should Do Next

August 22, 2017

The Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) released a National Examination Program Risk Alert (Risk Alert) on August 7, 2017 regarding observations from its cybersecurity-related examinations of 75 registered broker-dealers, investment advisers and investment companies (collectively, Firms). This OnPoint details the National Examination Program Staff’s (Staff’s) positive and negative findings from OCIE’s 2015 Cybersecurity Examination Initiative (Cybersecurity 2 Initiative) and summarizes the elements that the Staff identified as hallmarks of “robust” policies and procedures.

Read "The Good and the Bad from OCIE’s Cyber Examinations and What Firms Should Do Next".