Monday, May 9, 2016

CyberSecurity Checklist and Gap Analysis Worksheet

Download Cybersecurity Checklist
Financial industry firms have specialized needs when it comes to developing cyber-security procedures and policies.

Brokerage and investment advisor firms hopefully recognize that a one-size-fits-all approach to cybersecurity does not work. Today's firms will need to look beyond their Information Technology personnel and consider their operations in order to establish a comprehensive cybersecurity procedures and policies manual. Adopting an Information Systems Security Program (ISSP) appropriate to your circumstances and an Incident Response Plan (IRP) that your personnel can successfully implement is key to prevention, detection, and recovery.

National Futures Association | CyberSecurity - Interpretive Notice ¶9070

The firm must develop and maintain a written ISSP for securing customer data and access to their electronic systems, which should be maintained with the rest of the firm’s written procedures. Although the firm is not required to have a separate single document describing every aspect of its ISSP, a comprehensive written policy may be the best way to ensure that firm personnel know what the firm’s policy is, depending upon the firm's size and complexity of business and technological operations.

RND Resources recognizes the significant challenges and risks that investment securities dealers and advisors face in protecting sensitive client and company data as well as proprietary trade system information. Developing a plan consistent with your own firm's operations is an important first step. The checklist we created will help you get started on the comprehensive ISSP and IRP. If you have any questions or prefer to have one of our professionals help get you started on a cyber-security program, please feel free to reach out to us at (818) 657-0288.


Click the link here to download the RND Resources Inc. Cybersecurity Checklist. The checklist will help you evaluate what your firm needs in order to conduct a thorough cybersecurity evaluation and develop the Information Systems Security Program (ISSP) and Incident Response Plan (IRP) that regulators require. Our checklist enables you to:

  • Identify potential threats and risk gaps
  • Rank the threat value of risk gaps
  • Match gaps to sections of the CyberSecurity Compliance Procedure manual
  • Assign tasks to team members
  • Record completion estimates and due dates
  • Maintain notes throughout the process

BONUS: Cyber Insurance Comparison Worksheet

We’ve also included our Cyber Insurance comparison worksheet, which will help you compare policy coverage limits and policy riders across carriers, as well as rank premium prices, all to help determine which policy best fits your firm's level of risk and risk tolerance.

Need Assistance?

Need help with technical changes to your system or penetration testing? We have the tools and expertise to conduct a quick-hit assessment of your information system, provide a high-level assessment report, and develop the ISSP and IRP for regulatory compliance. Call us for more information at (818) 657-0288, or complete the form on our website.
