Completing the risk assessment can be a challenging task. One way to make that task easier is to look to frameworks or approaches that have already been developed and become established.
Several years of preparation became reality when the New York Department of Financial Services introduced its first-in-the nation cybersecurity regulation in 2017 covering agents and brokers among other financial services providers and professionals.
Individuals who are fully covered under a firm’s program are broadly exempt.
Only some requirements must be complied with for the initial February 15, 2018 certification.
It's possible to obtain exemption from some of the regulation’s requirements.