MFDF - Mutual Fund Directors Forum - Five Considerations on Cyber Security Oversight test

Member Login

Request an account

Sample Banner 1

Five Considerations on Cyber Security Oversight

At a recent MFDF event, panelists discussed how boards can effectively partner with fund management on oversight of cybersecurity at the adviser and fund service providers, among other topics. Participants, including directors, CCOs and representatives from fund management and the SEC, discussed what boards should be alert for and questions that help facilitate oversight of management’s policies and procedures as well as that of third parties and fourth parties.  Below are some questions raised during the discussion that may be helpful to directors. For additional information and questions to raise with fund management, review the MFDF’s white paper: Board Oversight of Cybersecurity.

  1. Does the adviser’s cyber security oversight program include policies and procedures for the oversight of fourth parties (vendors to the service providers)?
  2. What makes a good incident response plan? How often is management’s incident response plan updated?
  3. How does management assess differences in the security standards of better resourced-service providers vs. smaller service providers? How does management account for and fill the gaps in vendor standards?
  4. How does the CISO (chief information security officer) keep up with industry developments? How often does she communicate with management on cyber security trends and incidents?
  5. How do company metrics (e.g., number of infiltration attempts, successful attempts, frequency of staff training) compare with others in our industry?
  • All
  • Accounting and Audit
  • Advisory Contracts
  • Board Governance
  • Board Governance: Board Leadership
  • Board Governance: Compensation
  • Board Governance: Oversight of CCO
  • Board Governance: D&O Insurance
  • Board Governance: Self-Evaluation
  • Closed-end Funds
  • ETFs
  • Other Oversight
  • Other Oversight: Alternative Investments and Derivatives
  • Other Oversight: Custody
  • Other Oversight: Fixed Income funds
  • Other Oversight: Distribution
  • Other Oversight: Portfolio Trading
  • Other Oversight: Proxy Voting
  • Other Oversight: Securities Lending
  • Legislative News
  • Money Market Funds
  • Reference
  • Regulatory News
  • Risk
  • Shareholder Disclosure
  • Valuation
  • Webinars
  • Aaron New Tag