Cybersecurity Assessment

MergerTree Cybersecurity Assessment: going beyond the Network Assessment and taking the first step in your cybersecurity preparedness.

Cybersecurity management is essential to businesses today. A comprehensive cybersecurity assessment is the right way to begin. MergerTree will accurately evaluate key network security points and recommend functional resolutions to issues.

MergerTree Cybersecurity Assessments are based on the SEC Office of Compliance Inspections and Examinations Cybersecurity Initiative and Risk Alerts 2014 and 2015.

The OCIE Risk Alert distributed in 2014 raised several key issues each of which is evaluated in the Cybersecurity Assessment

  • Identification of Risks/ Cybersecurity Governance
  • Management of Information Security Assets
  • Written Information Security policies (WISP)
  • Periodic Cybersecurity Risk Assessment and Mitigation
  • Protection of Networks and Information
  • Detection of Unauthorized Activity
  • Cybersecurity Incidence response
  • Cybersecurity Business Continuity plan

In response to the initial examinations conducted in January and February 2015, an updated OCIE Risk Alert was distributed in September 2015 which includes a greater emphasis on compliance with company cybersecurity policy. This focus is reflected in the MergerTree Cybersecurity Assessment.

  • Information demonstrating implementation of cybersecurity policies
  • Use of Multifactor authentication
  • Vendor Management