On October 13, 2011, the Securities and Exchange Commission (SEC) Division of Corporation Finance released CF Disclosure Guidance: Topic No. 2 – Cybersecurity (the “Guidance”), which is intended to provide guidance to companies on whether and how to disclose the impact of the risk and cost of cybersecurity incidents (both malicious and accidental) on a company.
Part 1 – Posted November 15, 2011. Available at http://www.sourcingspeak.com/2011/11/accounting-for-cybersecurity.html
Part 2 – In Part Two we’ll look at the specific advice provided by the Guidance regarding specific reporting regulations and how it might apply to some recent cyber-incidents. Posted November 17, 2011. Available at http://www.sourcingspeak.com/2011/11/accounting-for-cybersecurity—part-two.html
Part 3 – Cloud Service Providers and ISO 27001. Posted December 9, 2011. Available at http://www.sourcingspeak.com/2011/12/accounting-for-cyber-security-part-three—cloud-service-providers-and-iso-27001.html
Part 4 – Auditing Cloud Providers’ Security. Posted December 15, 2011. Available at http://www.sourcingspeak.com/2011/12/accounting-for-cyber-security-part-four—auditing-cloud-providers-security.html