First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

cybersecurity risks

The SEC is changing the rules for SOX s302 certifications to include cyber risks

You may know that the SEC just published new guidance on the disclosures they are required to make related to cybersecurity. But did you realize that the SOX s302 certification now has to address whether disclosure controls are adequate in ensuring that the proper disclosures are made?

 

, , ,

Cybersecurity governance and D&O liability

The assessment of a corporation’s cyber risks is part of a board of directors’ general risk oversight responsibilities. Since lawsuits, including class actions, are often commenced soon after a data breach, directors and officers should now consider that the board’s oversight of cyber risks may also be closely and thoroughly scrutinized in future litigation and […]

 

, , , , , , , , , , , , , ,