On January 11, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) announced their examination priorities for 2016. As in 2014 and 2015, cyber security is one of the SEC’s exam priorities for 2016. This year, the OCIE stated that it will target policies and procedures in investment advisor and broker-dealer firms. This announcement, in conjunction with the OCIE’s Cybersecurity Examination Initiative, 2014 Cybersecurity Sweeps, and 2015 Cybersecurity Sweeps indicate that cyber security will be top-of-mind with regulators for the foreseeable future. This belief is echoed in Christopher Robins’ article entitled, “SEC, Finra Continue Cybersecurity Scrutiny in 2016,” that just appeared in Financial Advisor magazine online. A link to that article is below.
Well documented and comprehensive cyber policies are the cornerstone of information security. Ashland Partners uses the NIST framework when reviewing client policies as we believe they provide a strong foundation for understanding the industry’s challenges and mitigating them. If we can be of service as you develop or refine your cyber policies, please contact us at 541.857.8800 or email firstname.lastname@example.org.