OCIE Cybersecurity And Resiliency Observations And Best Practices
On January 27, 2020, the U.S. Securities and Exchange Commission ("SEC") Office of Compliance Inspections and Examinations ("OCIE") issued examination observations related to cybersecurity and operational resiliency practices ("Examination Observations"). The observations highlight a set of best practices by market participants in the following areas: (1) governance and risk management, (2) access rights and controls, (3) data loss prevention, (4) mobile security, (5) incident response and resiliency, (6) vendor management and (7) training and awareness. Cybersecurity has been a key priority for OCIE since 2012. Since then, it has published eight cybersecurity-related risk alerts, including an April 2019 alert addressing mobile security. OCIE has perennially included cybersecurity practices as part of its examination priorities ("Examination Priorities") and listed all but mobile security as "particular focus areas" in the "information security" priority for 2020.
Although recognizing that not every practice may be appropriate for all registrants, OCIE highlighted the following measures observed in its examinations. As such, advisers should expect the SEC - in examinations and investigations - to consider these "best practices".
Governance and Risk Management. OCIE emphasized that the most effective cybersecurity programs start with the "tone at the top". OCIE encouraged senior leadership to devote ongoing attention to improving an organization's cybersecurity and resiliency programs and establishing communication policies and procedures with other decision makers and employees. Advisers should be prepared to receive questions during OCIE examinations about senior management's awareness and oversight of the cybersecurity compliance program. Access Rights and Controls. OCIE observed that limiting access to the organization's systems to authorized users is a key component of an effective cybersecurity program. Access controls should be able to discern the location of data, including client information, through periodic account reviews; restrict access to systems and data to authorized users; re-certify users' access rights on a periodic basis; and establish controls to prevent and monitor for unauthorized access, such as by tracking failed login attempts. The degree to which OCIE would expect advisers to operate systems on a "need to know" basis or more closed architecture rather than an open architecture should become more apparent in the...
To continue reading
Request your trialSubscribers can access the reported version of this case.
You can sign up for a trial and make the most of our service including these benefits.
Why Sign-up to vLex?
-
Over 100 Countries
Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
-
Thousands of Data Sources
Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
-
Find What You Need, Quickly
Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
-
Over 2 million registered users
Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.
Subscribers are able to see a list of all the cited cases and legislation of a document.
You can sign up for a trial and make the most of our service including these benefits.
Why Sign-up to vLex?
-
Over 100 Countries
Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
-
Thousands of Data Sources
Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
-
Find What You Need, Quickly
Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
-
Over 2 million registered users
Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.
Subscribers are able to see a list of all the documents that have cited the case.
You can sign up for a trial and make the most of our service including these benefits.
Why Sign-up to vLex?
-
Over 100 Countries
Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
-
Thousands of Data Sources
Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
-
Find What You Need, Quickly
Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
-
Over 2 million registered users
Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.
Subscribers are able to see the revised versions of legislation with amendments.
You can sign up for a trial and make the most of our service including these benefits.
Why Sign-up to vLex?
-
Over 100 Countries
Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
-
Thousands of Data Sources
Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
-
Find What You Need, Quickly
Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
-
Over 2 million registered users
Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.
Subscribers are able to see any amendments made to the case.
You can sign up for a trial and make the most of our service including these benefits.
Why Sign-up to vLex?
-
Over 100 Countries
Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
-
Thousands of Data Sources
Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
-
Find What You Need, Quickly
Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
-
Over 2 million registered users
Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.
Subscribers are able to see a visualisation of a case and its relationships to other cases. An alternative to lists of cases, the Precedent Map makes it easier to establish which ones may be of most relevance to your research and prioritise further reading. You also get a useful overview of how the case was received.
Why Sign-up to vLex?
-
Over 100 Countries
Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
-
Thousands of Data Sources
Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
-
Find What You Need, Quickly
Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
-
Over 2 million registered users
Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.
Subscribers are able to see the list of results connected to your document through the topics and citations Vincent found.
You can sign up for a trial and make the most of our service including these benefits.
Why Sign-up to vLex?
-
Over 100 Countries
Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
-
Thousands of Data Sources
Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
-
Find What You Need, Quickly
Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
-
Over 2 million registered users
Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.