1. In your own words, summarize the dealer-broker record retention requirements.

2. Reread the SEC’s 2003 interpretation. In your own words, explain the difference between “integrated hardware and software control codes” and software applications that use “authentication and approval policies, passwords, or other extrinsic controls.” Give an example of each.

3. Clearly, in the view of the SEC, the likelihood of compromise of an integrated system of hardware and software is considerably less than the likelihood of compromise of a system of authentication, passwords, and procedures. Justify this view

4. Do you agree with the view in question 6-6? Why or why not?

5. Investigate Jordan & Jordan (www.jandj.com) and Cohasset Associates (www.cohasset.com). If you were a consultant to a financial institution, to what extent would you rely on the statements of these organizations?

6. If you were a consultant to a financial institution, what else might you do to verify that Fin loud complies with the SEC ruling and its 2003 interpretation?

7. Explain how the knowledge that you have gained so far in this course helps you to understand the SEC’s 2003 interpretation. Summarize how your knowledge would help you if you worked for a financial institution. Cast your answers to this question in a way that you could use in a job interview.