BoE, PRA and FCA have written to firms on their 2021 CBEST thematic findings. The comments are addressed to the individual SMF holder with responsibility for cyber, noting that the individual is responsible for:
- ensuring the firm benefits from the review by identifying and addressing similar weaknesses with it;
- raising awareness in the senior executive team; and
- generally ensuring the results are used to inform the work of the risk and internal audit functions.
At the time of publishing this post, the findings were not available.