skip to main content

H.R. 5069 (114th): Cybersecurity Systems and Risks Reporting Act

We don’t have a summary available yet.

The summary below was written by the Congressional Research Service, which is a nonpartisan division of the Library of Congress, and was published on Apr 26, 2016.

Cybersecurity Systems and Risks Reporting Act

This bill amends the Sarbanes-Oxley Act of 2002 to apply to cybersecurity systems and cybersecurity systems officers the same requirements regarding corporate responsibility for financial reports and managements assessments of internal control structures and procedures for financial reporting as apply to public companies subject to oversight by the Securities and Exchange Commission (SEC). The SEC shall issue rules to define cybersecurity expert and require each issuer of securities to disclose whether or not (and if not, the reasons why) the issuer's audit committee has at least one member who is a cybersecurity expert. The SEC shall review an issuer's information systems and cybersecurity systems statements. In scheduling the such reviews the SEC shall consider, among other things, issuers that have issued cybersecurity risks disclosures.