Businesses can prepare for the Securities and Exchange Commission’s (SEC) upcoming cybersecurity disclosure rule by going through it and identifying key gaps in compliance, according to an expert.
The final rule adopted by the SEC in July includes two major parts, noted Mary Tarchinski-Krzoska, market adviser for risk and compliance at software provider AuditBoard. Tarchinski-Krzoska spoke Tuesday during a session at a conference in Las Vegas jointly sponsored by ISACA, formerly the Information Systems Audit and Control Association, and the Institute of Internal Auditors.
