Shelley Lisa Curling, Thesis Supervisor Samuel Burton Bonsall, IV, Thesis Honors Advisor
Keywords:
Auditing Cybersecurity
Abstract:
This thesis explores the reasons why the Securities Exchange Commission(SEC) will require public companies to issue an audited cybersecurity report in the near future. Currently, there is no federal law or regulation in the United States that encompasses the reporting of cybersecurity information by companies. Due to government inaction, the SEC has released guidance regarding disclosure of cybersecurity information by public companies. Consequently, companies may have to report certain cybersecurity information if it will materially affect their financial statements based on the SEC guidance. These types of disclosures have been benchmarked to see how companies have responded to the guidance put forth by the SEC. However, since there is not a required audited cybersecurity report, the public’s trust in this information is minimal. Through research, it was proven the factors of growing market demands and the COVID-19 Pandemic have led to the increased need of reliable cybersecurity information through an audited cybersecurity report.
