Key takeaways

• Continuing its focus on cybersecurity, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert this week announcing that it will conduct a second round of examinations of registered broker-dealers and investment advisors to assess their cybersecurity procedures and controls.
• OCIE included an updated, more specific sample document request with the Risk Alert, which provides a roadmap for firms to assess and improve their own cybersecurity posture.
• SEC registrants would benefit from reviewing the sample document request and promptly addressing any gaps relative to the SEC’s expectations.