Since issuing its examination risk alert in 2015, the Securities and Exchange Commission (SEC) has expanded the focus and depth of its cybersecurity requirements, leaving firms wondering if they have the right mechanisms in place.

This checklist is an interpretation of the appendices from the OCIE September 2015 Cybersecurity Risk Alert, formatted as questions within six categories.

Governance and Risk Assessment
Access Rights and Controls
Data Loss Prevention
Vendor Management
Incident Response

Ready to start the conversation about cybersecurity?

Let's Talk