Evaluating an Asset Manager's Cybersecurity Environment

Practical guidance to help investors evaluate an investment manager’s cybersecurity environment.

Cybersecurity has become a top operational due diligence priority. This paper seeks to bridge the gap between what can quickly become extremely technical subject matter, and more practical guidance as to how to approach cybersecurity during a real world operational diligence review.

Screen Shot 2020-05-24 at 11.42.50 PMExplore ten key categories of cybersecurity risks as a framework for comprehensive operational due diligence: 

  1. Cybersecurity Ownership
  2. Cybersecurity Framework
  3. Data Classification
  4. User Access
  5. Data, Network and Hardware Security
  6. Change Management
  7. Personnel
  8. Vulnerability and Patch Management
  9. Incident Response
  10. Security Awareness and Training

Visit Castle Hall's Due Diligence University to download our Cybersecurity white paper and other resources, or contact us to learn how Castle Hall can help allocators build and implement risk-based due diligence policies and programs.

Learn more about Castle Halls 3 Steps to Effective Due Diligence.

Screen Shot 2021-02-19 at 2.54.15 PM


We hope the DiligenceHub Help Center will provide quick answers to your questions as you as you begin to use the app. Please browse the articles at your convenience - and, of course, feel free to send a support ticket or live chat with our team if you have questions at any time.