Now that you’ve seen what ACA Insight has to offer, don’t be without it. Subscribe now!

The weekly news source for investment management legal and compliance professionals

Current subscribers - please log in to the website in the upper right-hand corner

News April 11, 2005 Issue

SEC Gets Taste of Its Own Medicine

The SECís controls over its computers and databases have been a little loosey-goosey.

Thatís the upshot of a recent U.S. Government Accountability Office report, which found that the SEC had not effectively implemented controls to protect financial and other sensitive data stored on its computers. For example, the GAO found that the SEC had weak controls over computer passwords, access to databases, and even physical access to wiring closets.

Rest assured: the SEC is aware of the problem and is turning things around.

But check out the following bit of advice the GAO helpfully offered the SEC:

An effectively-implemented program of internal controls, said the GAO, "provides for an ongoing cycle of periodically assessing risks, establishing appropriate policies and procedures, . . . and establishing an ongoing program of tests and evaluations of the effectiveness of policies and controls to ensure that they remain appropriate and accomplish their intended purpose."

Hey ó isnít there an SEC rule or something along those lines?