Issue link: https://read.uberflip.com/i/1494922
PROPOSAL OF SERVICES FOR PURCHASE COLLEGE FOUNDATION | Page 15 SEIC conducts a minimum of two large-scale disaster recovery tests and one large-scale business continuity workplace recovery test per year. SEIC also executes an "India Out" exercise annually ensuring critical operational activity can be repatriated in an emergency situation. The most recent disaster recovery test was completed in November 2022 and the most recent workplace recovery plan test was completed in September 2022. Cyber security plan An Incident Response Plan is part of our Cyber Security Plan. SEIC participates regularly in industry cybersecurity exercises sponsored by the Securities Industry and Financial Markets Association (SIMFA), Department of Homeland Security (DHS), the U.S. Treasury, and the Financial Services Information Sharing and Analysis Center (FS-ISAC). These exercises are included in incident response testing. The last desktop exercise to test the Cyber Incident Response Plan was held in October 2022 with the FS-ISAC. The SEIC Information Security team performs weekly vulnerability scans on SEIC servers and network. SEIC also commissions an independent third-party information security vulnerability test on an annual basis. The third party conducts annual penetration tests on all SEIC internet-facing applications and the SEIC Network and provides SEIC an independent report of the systems and application for the SEIC Network and all internet-facing solutions. How has the COVID-19 pandemic affected your firm operations? SEI maintains an All-Hazards approach to business continuity planning. In the event of a pandemic scenario, a combination of the corporate workplace recovery and unit or team personnel strategies would be activated. As part of the United States critical infrastructure as per the Department of Homeland Security, SEI will continue to operate at its corporate headquarters in the event of a future pandemic. Other aspects of the program are activated as needed, including SEI's Crisis Management Team, Emergency Communications, and Client Communications capabilities. During the COVID-19 lockdowns we exercised the Business Continuity Plan described above, which included team members working from home using a secured network connection and corporate issued workstations. We were in BCP for the entirety of COVID-19. The COVID-19 outbreak did not materially impact our operations or servicing our clients. Describe your firm's system architecture and IT resources. Describe your firm's approach or philosophy regarding use of technology to meet client needs. List specific applications used for portfolio construction, performance measurement and monitoring, reporting, risk analytics, etc. Are these systems proprietary or from third-party providers? We use several technology systems to ensure transparency and nimble execution of client portfolios.