The assignment this week is to write an executive summary of the 2018 SEC Cybersecurity guidance, in the form of a memo, to the audit committee of the board of directors. You will be writing the memo as if you are the Chief Audit Executive (internal auditor). As part of the memo, explain what disclosure controls are and why they are important in the context of cybersecurity.

In addition to a summary of the important elements the AC will need to know, provide an example in the memo of a Cybersecurity disclosure that has taken place since the guidance was released.

To find the example, go to the webpage privacyrights.org and find a public company that has disclosed a cybersecurity breach. .Identify one of the larger breaches of a publicly traded company as it is probably easiest to use a company that is well known. Then, go www.sec.gov (Links to an external site.) (Edgar system) and find the 8-k that disclosed the breach. Summarize the example in the memo describing disclosure (including timing – how long after the breach) in the 8-k. I found a company and looked at 8-k filings after the breach announcement. I had to read one or two 8-k filings before finding the 8-k related to cybersecurity.

https://www.law.cornell.edu/cfr/text/17/240.13a-15