Cyber-security risk oversight is the area with the greatest increase in audit committee disclosures in proxy statements, according to the 2020 Audit Committee Transparency Barometer issued by the Center for Audit Quality and Audit Analytics. Companies of all sizes are dealing with increasing cyber-threats and new regulations over cyber-security and data management and reporting.
Disclosures related to the audit committee’s responsibility for cyber-security risk oversight have increased significantly over the past five years. Thirty-nine percent of S&P 500 companies made such disclosures in 2020, up from 19 percent in 2018 and 11 percent in 2016. Further, 28 percent of S&P 500 companies disclosed whether their board has a cyber-security expert in 2020, up from 14 percent in 2018 and 7 percent in 2016. There were also significant increases in these disclosures over the same timeframe for S&P mid- and small-cap companies.
