CPA

New SEC cybersecurity risk required disclosures

SEC Required Cybersecurity Disclosure Forms

In July 2023, the SEC issued a final rule related to cybersecurity disclosures. The objective is to have a more timely disclosure of material cybersecurity incidents on Item 1.05 of Form 8-K. In addition, there are new annual required disclosures related to cybersecurity risk management, strategy and governance in the annual report on Form 10-K. 

A cybersecurity incident is an unauthorized occurrence, or a series of related unauthorized occurrences, on or conducted through a registrant's information systems that jeopardizes the confidentiality, integrity, or availability of a registrant's information systems or any information residing therein. 

Material cybersecurity incidents are required to be reported within four business days, with certain exceptions for national security or public safety. The determination of materiality is based on the definition used in federal securities laws. 

If information is not determined or available at the time of required filing, a statement to that effect would be included in the Form 8-K filing. Then, the entity would file an amended Form 8-K within four business days after the information is determined or available. 

Form 8-K will describe the material aspects of the nature, scope, and timing of the incident. Disclosures should include the material impact (or reasonably likely material impact) on the registrant, including on its financial condition and results of operations. 

The new rules apply to all SEC domestic registrants with comparable requirements for foreign private issues filing on domestic forms. Registrants must begin complying with the requirement on Form 8-K or Form 6-K on December 18, 2023, and smaller Reporting Companies will have until June 15, 2024. All registrants are required to comply with the annual disclosure requirements beginning with the annual reports for fiscal years ending on or after December 15, 2023. 

Try Becker's CPA Exam Review FREE for 14 days
FacebookLinkedinXEmail

About the author

Jennifer has more than 25 years of experience in designing high-quality training programs in a variety of technical and “soft-skills” topics necessary for professional and organizational success. In 2003, she founded Emergent Solutions Group, LLC, where she focuses on designing and delivering practical and engaging accounting and auditing training. Jennifer started her career in audit for Deloitte & Touche. She graduated summa cum laude from Marymount University with a B.B.A. in Accounting.EducationMarymount University: Bachelor's of Business Administration, AccountingOrganizationsNorth Carolina Association of CPAsAICPAPublicationsAccounting for Cryptocurrency and Digital AssetsAccounting for Convertible DebtCoursesAuditing ContingenciesAccounting and Reporting for Contributions, Including Gifts in KindThe Future of ESG Reporting

Now Leaving Becker.com

You are leaving the Becker.com website. Once you click “continue,” you will be brought to a third-party website. Please be aware, the privacy policy may differ on the third-party website. Adtalem Global Education is not responsible for the security, contents and accuracy of any information provided on the third-party website. Note that the website may still be a third-party website even the format is similar to the Becker.com website.

Continue