AITEC and the Alternative Investment Management Association (AIMA), a global representative for alternative asset managers, have released a co-branded illustrative questionnaire for due diligence of vendor cyber security.
The due diligence questionnaire (DDQ) has been created to streamline the process of conducting due diligence on vendors servicing the alternative asset management industry.
This DDQ represents the superset of critical questions compiled by a committee of AITEC and AIMA members who are experienced in technology and operations.
The questionnaire is purposed for enabling the industry to approach vendors as a single voice, consequently providing efficiencies in communication and ultimately increasing the market's understanding of technology infrastructure.
Conor Kiernan, a board member of AITEC and chief technology officer (CTO) of Marshall Wace, commented: “While gaining efficiency in your vendor due diligence process is certainly a plus, the consistency and thoroughness of the questions is of utmost importance.
“Cyber due diligence is not something one can afford to get wrong in this day and age. This DDQ has been drafted by a consortium of industry experts with many years of experience in the trenches. It’s a fantastic aid on the road to building a robust technology due diligence process.”
Jack Inglis, chief executive officer (CEO) of AIMA, said: “It will come as a surprise to no one that cyber security has been a priority in recent years, with the Financial Conduct Authority and the Securities and Exchange Commission particularly noting that more due diligence must be done on vendors as a provision of service.
“This DDQ should be viewed as the next step of cyber security development for organisations, and certainly is the logical progression from AIMA’s Guide to Sound Practices for Cyber Security.”
The DDQ will be available to AITEC and AIMA members only.
AITEC, AIMA, Cyber, Cayman Islands