Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Bill would amend SOX, add cyber-security certifications

Joe Mont | May 9, 2016

Newly proposed legislation would amend the Sarbanes-Oxley Act to expand mandated internal controls reports and disclosures to include cyber-security systems and risks of publicly traded companies. The Cyber-security Systems and Risks Reporting Act, sponsored by Rep. Jim McDermott (D-Wash.), has been referred to the House Committee on Financial Services.

SOX Section 302 requires CEO and CFO certifications regarding the quality and accuracy of financial reports. Attestations would be extended to a company’s designated cyber-security officer, or a comparable position, and the internal controls they oversee. The bill also adds “information systems” and “cyber-security systems” to existing SOX requirements for financial statements. Similarly, “cyber-security systems standards and practices” would be affixed to the traditional “...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.