SEC & FINRA Cybersecurity Exam Readiness Assessments & Remediation
Good to know: Elevate Consult LLC is listed in the FINRA Compliance Vendor Directory.
Are You Keeping Up With FINRA’s Cybersecurity Best Practices?
FINRA reviews your firm’s ability to protect the confidentiality, integrity, and availability of sensitive customer information. This includes reviewing each firm’s compliance with SEC regulations, including:
- Regulation S-P (17 CFR §248.30), which requires firms to adopt written policies and procedures to protect customer information against cyber-attacks and other forms of unauthorized access.
- Regulation S-ID (17 CFR §248.201-202), which outlines a firm’s duties regarding the detection, prevention, and mitigation of identity theft.
- The Securities Exchange Act of 1934 (17 CFR §240.17a-4(f)), which requires firms to preserve electronically stored records in a non-rewriteable, non-erasable format.
FINRA reviews firms’ approaches to cybersecurity risk management, including:
- technology governance
- system change management
- risk assessments
- technical controls
- incident response
- vendor management
- data loss prevention
- staff training.
At Elevate, we work with broker-dealers and registered investment advisors to ensure you have adequate controls in place to pass examinations and mitigate cybersecurity threats.
We have a streamlined approach to perform the reviews and provide you with the advice and expertise to assist you. For instance, we work with you to:
• Document and identify your PII and asset inventory
• Perform the gap analysis against the control requirements
• Document policies and procedures
• Provide training options
• Perform technical testing of your systems
• Serve as your expert in Cyber Security and IT compliance matters