Financial Industry Firms have specialized needs when it comes to developing cyber-security procedures and policies
The firm must develop and maintain a written ISSP for securing customer data and access to their electronic systems, which should be maintained with the rest of the firm’s written procedures. Although the firm is not required to have a separate single document describing every aspect of its ISSP, a comprehensive written policy may be the best way to ensure that firm personnel know what the firm’s policy is, depending upon the firm's size and complexity of business and technological operations.
RND Resources recognizes the significant challenges and risks that investment securities dealers and advisors face in protecting sensitive client and company data as well as proprietary trade system information. Developing a plan consistent with your own firms operations is an important first step. The checklist we created will help you get started on the comprehensive ISSP and IRP. If you have any questions or prefer to have one of our professionals help get you started on a cyber-security program, please feel free to reach out to us at (818) 657-0288.
CYBER-SECURITY CHECKLIST WITH GAP ANALYSIS AND CYBER INSURANCE COMPARISON WORKSHEET
- Identify potential threats and risk gaps
- Rank the threat value of risk gaps
- Match gaps to sections of the CyberSecurity Compliance Procedure manual
- Assign tasks to team members
- Record completion estimates and due dates
- Maintain notes all throughout the process