Question

According to SEC proposed cybersecurity regulation rules, funds and advisers would need to maintain, for at least five years,

1) their written cybersecurity policies and procedures,
2) reports provided to the board of directors about the review of cybersecurity policies and procedures,
3) records relating to the occurrence of any cybersecurity incident.
a.True
b.False

Answer 1

The SEC's proposed cybersecurity regulations require funds and advisers to maintain records, including written cybersecurity policies and incident reports, for at least five years, which is true.

Step-by-step explanation:

According to proposed cybersecurity regulation rules by the Securities and Exchange Commission (SEC), it is indeed true that funds and advisers would be required to maintain specific records related to cybersecurity for a minimum of five years. These records include 1) their written cybersecurity policies and procedures, 2) reports provided to the board of directors regarding the review of these cybersecurity policies and procedures, and 3) records relating to the occurrence of any cybersecurity incident.

This adherence to record-keeping is a measure to ensure not only the security and integrity of the financial systems but also transparency and accountability in the face of cybersecurity threats. By instituting such requirements, the SEC aims to protect investors and the market from the potentially devastating effects of cybersecurity incidents.