SEC Conducting Cybersecurity Examinations
The SEC will be conducting cybersecurity examinations of more than 50 registered brokers-dealers and registered investment advisers. OCIE releases 7 page sample request list that provides compliance professionals with tools to assess their firms' level of preparedness. This list will be used to assess cybersecurity during routine examinations.
The U.S. Securities and Exchange Commission ("SEC") Office of Compliance Inspections and Examinations ("OCIE") has announced that its 2014 examination priorities include a focus on technology, including cybersecurity preparedness. As part of this initiative, OCIE will conduct examinations of more than 50 registered broker-dealers and registered investment advisers focused on cybersecurity governance and the detection of unauthorized activity.
We have provided a link to the April 15, 2014 OCIE Cybersecurity Risk Alert which also includes an Appendix which describes a SEC sample request list for information and documents to be used by OCIE in this initiative. These documents are intended to provide compliance professionals with a tool they can use to identify and assess their cybersecurity risks.
These examinations will help identify areas where the SEC and the industry can work together to protect investors and markets from cybersecurity threats. If you have additional questions, please reach out to your Sadis & Goldberg contact for further clarification of this initiative.