(ISC)² Blog
On March 9, 2022, the SEC released new proposed rules relating to cybersecurity risk management, incident reporting, and disclosure for investment advisers and funds. The proposed rules would require advisers and funds to adopt and implement policies and procedures that are designed to address cybersecurity risks. Advisers and funds would be required to review and assess the design and effectiveness of their cybersecurity policies and procedures; and prepare a report describing the review, explaining the results, documenting any incident that has occurred since the last report, and discussing any material changes to the policies and procedures since the last report….
Read the original article: