The Securities and Exchange Commission (“SEC”) Division of Examinations (“The Division”) has flagged vendor management as one of the seven critical cybersecurity focus areas. As more registered investment adviser (“RIA”) firms migrate to cloud-based technology and vendors, proper vendor management and due diligence are becoming more important elements of every investment advisory firm’s cybersecurity compliance program.
This complimentary checklist details ten helpful tips to consider when building and reviewing your firm’s third-party vendor management compliance program.