Does the system help address cybersecurity regulatory guidance and focus areas?
Yes, the platform is designed to help RIA firms follow information security guidance issued by the Securities and Exchange Commission's ("SEC") Office of Compliance Inspections and Examinations ("OCIE"). Beginning in 2015, OCIE has specifically listed cybersecurity as an annual examination priority for RIAs. In more recent exam priority guidance, the OCIE staff has noted six specific focus areas: governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response. The MyRIACompliance cybersecurity platform helps to address each of these focus areas by empowering an RIA firm to efficiently construct, implement, and document a robust cybersecurity compliance program