The Securities and Exchange Commission Commission’s Office of Compliance Inspections and Examinations (OCIE) today issued examination observations related to cybersecurity and operational resiliency practices taken by market participants.
The observations highlight certain approaches taken by market participants in the areas of governance and risk management, access rights and controls, data loss prevention, mobile security, incident response and resiliency, vendor management, and training and awareness. The observations highlight specific examples of cybersecurity and operational resiliency practices and controls that organizations have taken to potentially safeguard against threats and respond in the event of an incident.
