Start the Conversation

Honeypot Field to Catch Bots
Honeypot Field to Catch Bots

Reporting on our compliance

DFIN establishes various controls to ensure the confidentiality, integrity and availability of client data. Cornerstones of DFIN cybersecurity are ensuring our security controls are operating effectively and measuring the effectiveness of governance, risk and compliance programs.

Icon 1

IT Governance and Risk

Learn about IT governance and risk @DFIN.

Icon 1

Reports and documents

Learn how DFIN demonstrates compliance throughout the enterprise. Request-up-to-date reports and other artifacts.

IT Governance and Risk

DFIN’s IT governance is comprised of processes by which we align our IT (development, infrastructure, cybersecurity) practices within our overall business strategy. As a key part of our overall IT governance efforts, we are able to ensure efficiency, security, and effective resource use, as well as compliance with both internal and external regulations.

Additionally, DFIN’s IT governance ensures that the needs of our stakeholders, including our clients, are evaluated to determine enterprise objectives, and are used to set direction (in decision making and prioritization) to monitor performance and compliance.

DFIN’s IT risk management program applies risk management methods to manage IT related threats. Our efforts involve procedures, polices and tools to identify, assess and remediate potential threats and vulnerabilities within DFIN’s information technology landscape. This includes both internal risk analysis as well as third party supplier risk (supply chain security).

Icon 1

IT Governance and Risk

Learn about IT governance and risk @DFIN.

IT Governance and Risk

DFIN’s IT governance is comprised of processes by which we align our IT (development, infrastructure, cybersecurity) practices within our overall business strategy. As a key part of our overall IT governance efforts, we are able to ensure efficiency, security, and effective resource use, as well as compliance with both internal and external regulations.

Additionally, DFIN’s IT governance ensures that the needs of our stakeholders, including our clients, are evaluated to determine enterprise objectives, and are used to set direction (in decision making and prioritization) to monitor performance and compliance.

DFIN’s IT risk management program applies risk management methods to manage IT related threats. Our efforts involve procedures, polices and tools to identify, assess and remediate potential threats and vulnerabilities within DFIN’s information technology landscape. This includes both internal risk analysis as well as third party supplier risk (supply chain security).

Icon 1

Reports and documents

Learn how DFIN demonstrates compliance throughout the enterprise. Request-up-to-date reports and other artifacts.

Reports and documents

DFIN’s GRC (Governance Risk and Compliance) team manages compliance activities across DFIN’s technology landscape to ensure our adherence with industry and governmental regulations. A large part of the GRC team’s efforts center around evaluation defining control frameworks and then evaluating and testing controls within those frameworks. Additionally, DFIN GRC’s Compliance team evaluates and tests our IT standards, policies and procedures via continuous assessment.

DFIN understands that compliance is critical to our clients’ needs and makes several different reports and assessments available for review.

We can provide additional information including our SOC 2 Type II report, once a Non-Disclosure Agreement is signed

Insider by Dfin

Our CISO, Dannie Combs, discusses security and regulatory compliance

Read the blog
Dannie Combs - Chief Information Security Officer

More findings, right this way

Resources

Key Differences Between Public and Private Companies

View resource

Resources

The Top Trends in Corporate Financial Reporting

View resource

Resources

SEC Form SHO and Rule 13F-2: Guide to Short Selling Transparency

View resource

Resources

Types of Funding for Private Companies

View resource

Fact Sheet

Confidently Comply with Form PF Requirements with DFIN’s All-in-One ArcRegulatory® Solution

View fact sheet

Resources

Say-on-Pay & Golden Parachute Votes

View resource

Blog

Starting Out Strong in 2025: Five Regulatory Updates You Need to Know About Now

View blog

Video Podcast

Proxy Statements, Boards’ Cybersecurity and AI Oversight, and Navigating Anti-ESG Rhetoric

schneider
Watch podcast

Article

Preparing for Proxy Season 2025 Report featuring DFIN Commentary

schneider
Read article

Case Study

How We Help a Global Law Firm Streamline Their Client IPO Process

Read case study

Blog

Building a Resilient ESG Program

Frank Kelley
View blog

Blog

Infusing Pay-versus-Performance (PVP) Disclosure Requirement into Your Next Proxy

schneider
View blog

Resources

Universal Proxy Rules in Contested Director Elections: A Guide for Shareholders

View resource

Fact Sheet

A Tour of DFIN’s XBRL Review Tools

View fact sheet

Resources

What is a Schedule 13D & 13G SEC Filing?

View resource

Case Study

How We're Helping a Global Manufacturer Support its Sustainability Initiatives

Read case study

Article

Investment Companies 2025 Outlook

eric johnson
Read article

Calendar

2025 Investment Companies Regulatory Calendar

View calendar

Resources

How to Create a Board Skills Matrix for Proxy Statements

View resource

Resources

How To Optimize the Investor Onboarding Process  

View resource