Citation[]
Securities and Exchange Commission, Division of Investment Management, Guidance Update No. 2015-02 (Apr. 2015) (full-text).
Overview[]
This document sets forth a three-step cybersecurity approach for registered advisers and investment companies:
- Assess current threats, vulnerabilities and defensive measures;
- Design a strategy to prevent, detect and respond to cybersecurity threats; and
- Implement that strategy through written policies and procedures, internal personnel training, and external client education.