Consider a cybersecurity policy and procedure

With the Department of Labor (DOL) focusing on cybersecurity, I think it’s prudent for plan sponsors to put policies in place to cover it. On a DOL audit, I’m sure the auditor investigating your plan, will ask for it.

What your policy should cover:

  1. Access controls and identity management for online systems
  2. The processes for responding to a cybersecurity breach
  3. A due diligence process for reviewing the cybersecurity protocols of plan providers
  4. Cybersecurity awareness training for staff
  5. The encryption of sensitive information transmitted, stored, or in transit.

This entry was posted in Retirement Plans. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *