Qualitatively Material Cyber Incidents

qualitatively material

Today I want to revisit the new SEC rules for disclosing material cybersecurity incidents, and in particular those qualitatively material incidents that might seem especially tricky to assess and prevent. What internal controls become more important for that type of threat? This is on my mind because we’re already starting to see some companies disclose…

Read More

‘Office Space,’ Fraud, and Controls

Office Space

They say that life sometimes imitates art. Now we have an example of that in the world of Sarbanes-Oxley compliance, courtesy of that knucklehead in Seattle charged the other week with embezzling company money just like those characters in the film “Office Space.”  You may have already seen the headlines. A former IT employee at…

Read More