On August 7, 2017, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert providing a summary of the staff’s observations from sweep exams of broker-dealers, investment advisers and funds conducted pursuant to the Cybersecurity Examination Initiative announced on September 15, 2015, referred to by the staff as the “Cybersecurity 2 Initiative.”1 The Risk Alert notes that these latest sweep exams involved more validation and testing of procedures and controls surrounding cybersecurity preparedness than was previously performed, which is reflected in the staff’s observations. In the exams, which included 75 broker-dealers, investment advisers and registered funds, the staff reviewed firms’ cybersecurity policies and procedures, which included validation and testing to determine if the policies and procedures were implemented and followed....
Please see full publication below for more information.