News & Insights

Help
4 News Results
Commentary by Steven Lofchie

The CFTC approved the NFA's Interpretive Notice to NFA Compliance Rules 2-9, 2-36 and 2-49 titled Information Systems Security Programs , requiring member firms to adopt and enforce written policies and procedures to secure customer data and access to their electronic systems. The NFA Interpretive Notice outlined those key areas that electronic Information Systems Security Programs ("ISSPs") must contain: a security and risk analysis; a description of the safeguards against identified system threats and vulnerabilities; the process used to evaluate the nature of a detected security event