View Rule

View EO 12866 Meetings Printer-Friendly Version     Download RIN Data in XML
SEC RIN: 3235-AM89 Publication ID: Fall 2023 
Title: Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure 
Abstract:

The Commission adopted new rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incidents by public companies that are subject to the reporting requirements of the Securities Exchange Act of 1934. Specifically, the Commission adopted amendments to require current disclosure about material cybersecurity incidents. The Commission also adopted rules requiring periodic disclosures about a registrant’s processes to assess, identify, and manage material cybersecurity risks, management’s role in assessing and managing material cybersecurity risks, and the board of directors’ oversight of cybersecurity risks. Lastly, the final rules require the cybersecurity disclosures to be presented in Inline eXtensible Business Reporting Language ("Inline XBRL").

 
Agency: Securities and Exchange Commission(SEC)  Priority: Substantive, Nonsignificant 
RIN Status: Previously published in the Unified Agenda Agenda Stage of Rulemaking: Completed Actions 
Major: No  Unfunded Mandates: No 
CFR Citation: 17 CFR 229.10 to 229.1305    17 CFR 229.106 and 229.407    17 CFR 232.10 to 232.903    17 CFR 232.405    17 CFR 239.13    17 CFR 239.45    17 CFR 240.13a-11    17 CFR 240.15d-11    17 CFR 240.14a-101    17 CFR 240.14c-101    17 CFR 249.220f    17 CFR 249.306    17 CFR 249.308    17 CFR 249.308A    17 CFR 249.310    ...     (To search for a specific CFR, visit the Code of Federal Regulations.)
Legal Authority: 15 U.S.C. 77g    15 U.S.C. 77s(a)    15 U.S.C. 78c(b)    15 U.S.C. 78l    15 U.S.C. 78m    15 U.S.C. 78n    15 U.S.C. 78o    15 U.S.C. 78w(a)    ...   
Legal Deadline:  None
Timetable:
Action Date FR Cite
NPRM  03/23/2022  87 FR 16590   
NPRM Comment Period End  05/09/2022 
NPRM Comment Period Reopened  10/18/2022  87 FR 63016   
NPRM Comment Period End  11/01/2022 
Final Action  08/04/2023  88 FR 51896   
Final Action Effective  09/05/2023 
Regulatory Flexibility Analysis Required: Yes  Government Levels Affected: None 
Small Entities Affected: Businesses  Federalism: No 
Included in the Regulatory Plan: No 
RIN Data Printed in the FR: Yes 
Agency Contact:
Nabeel Cheema
Division of Corporation Finance
Securities and Exchange Commission
100 F Street NE,
Washington, DC 20549
Phone:202 551-3430
Email: cheeman@sec.gov