By continuing to access our website, you agree to our privacy policy and use of cookies.

Learn More
Skip to Main Content

Press "Enter" to search

US MX

RSM US LLP

SEC Proposes Rules Regarding Cybersecurity-Related Disclosures

March 18, 2022

FINANCIAL REPORTING INSIGHTS | March 11, 2022

Authored by RSM US LLP


On March 9, 2022, the SEC released proposed rule amendments regarding various required cybersecurity-related disclosures. Among other stipulations, the proposed amendments would require:


  • Current reporting about material cybersecurity incidents on Form 8-K within four business days after the registrant determines that it has experienced a material cybersecurity incident. The SEC would not expect a registrant to publicly disclose specific, technical information about its planned response to the incident or its cybersecurity systems, related networks and devices, or potential system vulnerabilities in such detail as would impeded the registrant’s response or remediation of the incident. However, to the extent the information is known at the time of the Form 8-K filing, the disclosure should include:
    • When the incident was discovered and whether it is ongoing
    • A brief description of the nature and scope of the incident
    • Whether any data was stolen, altered, accessed or used for any other unauthorized purpose
    • The effect of the incident on the registrant’s operations
    • Whether the registrant has remediated or is currently remediating the incident


  • Periodic reporting on Form 10-Q and Form 10-K to provide updated disclosure about previously reported cybersecurity incidents and to require disclosure, to the extent known to management, when a series of previously undisclosed individually immaterial cybersecurity incidents has become material in the aggregate

  • Annual reporting in Form 10-K to provide disclosure about:
    • The registrant’s policies and procedures, if any, for the identification and management of risks from cybersecurity threats, including, among other matters, whether the registrant considers cybersecurity as part of its business strategy, financial planning and capital allocation
    • The registrant’s cybersecurity governance, including the board of directors’ oversight role regarding cybersecurity risks
    • Management’s role, and relevant expertise, in assessing and managing cybersecurity-related risks and implementing related policies, procedures and strategies


  • Annual reporting or proxy disclosure about the board of directors’ cybersecurity expertise, if any, including the name(s) of any such director(s) and any detail necessary to fully describe the nature of the expertise


  • The cybersecurity disclosures to be presented in Inline eXtensible Business Reporting Language

This article was written by RSM US LLP and originally appeared on 2022-03-11.
2021 RSM US LLP. All rights reserved.
https://rsmus.com/our-insights/newsletters/financial-reporting-insights/sec-proposes-rules-regarding-cybersecurity-related-disclosures.html


RSM US Alliance provides its members with access to resources of RSM US LLP. RSM US Alliance member firms are separate and independent businesses and legal entities that are responsible for their own acts and omissions, and each is separate and independent from RSM US LLP. RSM US LLP is the U.S. member firm of RSM International, a global network of independent audit, tax, and consulting firms. Members of RSM US Alliance have access to RSM International resources through RSM US LLP but are not member firms of RSM International. Visit rsmus.com/about us for more information regarding RSM US LLP and RSM International. The RSM logo is used under license by RSM US LLP. RSM US Alliance products and services are proprietary to RSM US LLP.

Hylant is a proud member of RSM US Alliance, a premier affiliation of independent accounting and consulting firms in the United States. RSM US Alliance provides our firm with access to resources of RSM US LLP, the leading provider of audit, tax and consulting services focused on the middle market. RSM US LLP is a licensed CPA firm and the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with more than 43,000 people in over 120 countries.

Our membership in RSM US Alliance has elevated our capabilities in the marketplace, helping to differentiate our firm from the competition while allowing us to maintain our independence and entrepreneurial culture. We have access to a valuable peer network of like-sized firms as well as a broad range of tools, expertise, and technical resources.

For more information on how ​Hylant can assist you, please call 800-249-5268.

Related Insights

Cybersecurity Small Business 1600x600
Small Business

Cybersecurity Best Practices for Small Businesses

April 17, 2024

Read More
Pub Co Cyber Disclosures 1600x600
Executive Risk

SEC Implements Rules on Cybersecurity and Incident Disclosure by Public Companies

April 9, 2024

Read More
Cyber Insider Threat 1600x600
Cyber

Cyber Insider Threat Prevention and Response

March 26, 2024

Read More

Hylant is a proud member of RSM US Alliance, a premier affiliation of independent accounting and consulting firms in the United States. RSM US Alliance provides our firm with access to resources of RSM US LLP, the leading provider of audit, tax and consulting services focused on the middle market. RSM US LLP is a licensed CPA firm and the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with more than 43,000 people in over 120 countries.

Our membership in RSM US Alliance has elevated our capabilities in the marketplace, helping to differentiate our firm from the competition while allowing us to maintain our independence and entrepreneurial culture. We have access to a valuable peer network of like-sized firms as well as a broad range of tools, expertise, and technical resources.

For more information on how ​Hylant can assist you, please call 800-249-5268.