Consider a cybersecurity policy and procedure

With the Department of Labor (DOL) focusing on cybersecurity, I think it’s prudent for plan sponsors to put policies in place to cover it. On a DOL audit, I’m sure the auditor investigating your plan, will ask for it.

What your policy should cover:

  1. Access controls and identity management for online systems
  2. The processes for responding to a cybersecurity breach
  3. A due diligence process for reviewing the cybersecurity protocols of plan providers
  4. Cybersecurity awareness training for staff
  5. The encryption of sensitive information transmitted, stored, or in transit

Story Page
%d bloggers like this: