- Compliance Services
- Cybersecurity & Risk
- Performance Services
- Technology Solutions
- Events & Education
The FCA has finalized guidance to clarify requirements on firms when outsourcing to the cloud and other third party IT providers, the aim is for firms to identify and manage operational risks associated with use of third parties. This newly issued guidance is in addition to general outsourcing requirements already detailed in SYSC 8 within the FCA Handbook.
We recommend that firms read the guidance paper in detail, key points include the following:
The full published guidance can be viewed on the FCA’s website here: http://www.fca.org.uk/news/fg16-5-guidance-for-firms-outsourcing-to-cloud-and-third-party-it-services
We recommend that firms take the following actions:
ACA Aponix provides risk assessments, written information security programs, staff awareness programs (phishing and training), and vendor due-diligence as part of our core service offering. Please contact email@example.com with any questions or for further information on how we can assist you with addressing cybersecurity risk.