SEC Guides Companies About the Need to Disclose IT Security Issues in Filings

My thanks for Protiviti for an excellent summary of the new SEC staff guidance. I will let you read it for the details. You can also refer to the SEC's release itself.

The SEC staff has explained that these are not new requirements — the need to disclose material matters exists already. What they have done is to provide guidance on how this should apply to the issue of information security or "cyber crime."

CAEs, financial auditors, IT auditors, those involved or responsible for financial reporting, and those responsible for information security should become familiar with the guidance.

Posted on Oct 18, 2011 by Norman Marks

Share This Article:    

  1. We are all seeing an increased focus from regulators on the need for proper breach notification as well as good cyber security and information risk management practices.  Information Security has evolved and can no longer be a deeply embedded side function of a company's Information Technology division.


Leave a Reply