The SEC is intensifying its focus on cybersecurity disclosures, and in the current enforcement environment, it is crucial for fund managers to have effective disclosure policies and controls in place. This second article in a two-part guest series by King & Spalding attorneys William Johnson, Matthew Hanson, Joseph Zales and Charles Cain examines ongoing SEC investigations and provides practical guidance for fund managers on best practices for formulating and implementing policies and procedures that address disclosure, as well as on determining what to disclose. The first article reviewed the applicable SEC regulations and guidance, along with the growing body of enforcement actions, including the recently announced Pearson, First American and Cetera cases. See “Six Ways for Fund Managers to Be Prepared for the SEC’s Focus on Cybersecurity and Resiliency” (Apr. 30, 2020).