We use cookies to customise content for your subscription and for analytics.
If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.
In cooperation with Association of Corporate Counsel
  Request new password

Search results

Order by most recent / most popular / relevance

Results: 1-3 of 3

Accounting for cybersecurity - (part 2 of 4)

  • Pillsbury Winthrop Shaw Pittman LLP
  • -
  • USA
  • -
  • November 17 2011

The next section of the Guidance discusses the way that companies should address cybersecurity risks and cyber incidents under the reporting rules associated with Management's Discussion and Analysis of Financial Condition and Results of Operations ("MD&A") under Item 303 of Regulation S-K and Form 20-F, Item 5

Accounting for cyber security, Part Four - auditing cloud providers' security

  • Pillsbury Winthrop Shaw Pittman LLP
  • -
  • USA
  • -
  • December 15 2011

Because evaluating a service provider's security posture is more challenging in the cloud, in Part Three of this article we looked at ways to evaluate a cloud service provider's security prior to signing the contract and some of the issues between customers and suppliers created by the SEC Guidance

Accounting for cyber security - cloud service providers and ISO 27001

  • Pillsbury Winthrop Shaw Pittman LLP
  • -
  • USA
  • -
  • December 9 2011

In Parts One and Two of this article we discussed the new Guidance issued by the Securities and Exchange Commission (SEC) Division of Corporation Finance that provides guidance to companies with regard to whether and how a company should disclose the impact of the risk and cost of cybersecurity incidents (both malicious and accidental) on a company