Castle Hall's standard OpsDiligence review includes a range of cyber questions - in every ODD engagement, Castle Hall asks whether there is a cybersecurity policy, if the asset manager conducts penetration and phishing tests, what are cyber training procedures and, of course, whether the asset manager has been compromised by a cyber event.
CybsersecurityDiligence goes into much greater depth, considering more than 150 cyber questions Our cyber risk evaluation tool, available below, outlines Castle Hall's scope and evaluation criteria when conducting a cyber diligence review, considering 10 key cyber areas.
As always, Castle Hall's independence enables asset owners to access effective and objective evaluation of cyber risks. Unlike technology vendors, Castle Hall is never in the position of conducting diligence on an external manager who is already a tech client, and the diligence process is never motivated by a desire to sell an external manager follow on tech services.
Interested in joining the discussion on Cybersecurity?
Access our Cybersecurity Diligence LinkedIn group