March 27 2018
The Securities and Exchange Commission recently issued guidance on disclosures by public companies of the cybersecurity risks they are facing and what they’re doing to address those risks. Accountants can play a role in helping companies by providing assurance and attestation services to make sure they’re taking steps to mitigate the risks.
The SEC’s 2018 Guidance on Public Company Cybersecurity Disclosures indicates the growing concerns over cybersecurity incidents such as data breaches, and what companies need to do about publicly disclosing them (see SEC wants cybersecurity disclosures). The 2018 guidance released last month includes two new areas: cybersecurity policies and procedures, and insider trading prohibitions. The guidance spells out the rules of disclosure, including ensuring fair disclosure according to the Reg FD requirements, along with the factors that public companies need to consider to determine whether material information has been compromised. The 2018 guidance stresses the importance of materiality when preparing disclosures and lists five elements of materiality to consider.
Experts from Deloitte are recommending public companies also consider taking an additional five steps:
1. Assess current policies and procedures related to cyber risks and incidents.
2. Align cyber risk with operational risk framework, and develop shared understanding on materiality considerations.
3. Understand disclosure obligations under federal and state laws, and establish and maintain appropriate and effective disclosure controls for cybersecurity risks and incidents.
4. Examine and update insider trading policies and procedures.
5. Raise C-suite and board awareness on SEC guidance and company obligations, and assess and test incident management processes, including through cyber war gaming.
Read the full article at: https://www.accountingtoday.com/news/accountants-can-help-companies-meet-sec-demand-for-cybersecurity-disclosures-with-aicpa-soc-services?brief=00000158-5504-dc42-a1fe-55d7045f0000