|
Thanks to the Sarbanes-Oxley Act, public companies are required to disclose any event that can materially affect financial results. According to Info-Tech Research Group, an IT analyst firm based in London, Ontario, incidents -- security breaches, virus attacks, downtime and data loss -- can have significant impact and therefore should be reported promptly to the Securities and Exchange Commission and to shareholders. Info-Tech makes these reporting recommendations:
1. Create a presentation-style report. When communicating incidents to shareholders in particular, Info-Tech says a PowerPoint presentation that defines the problem and describes the response is usually sufficient.
2. Obtain CFO signoff. Since events that can significantly affect a company's financial results are the only ones that must legally be reported, enlist the CFO to make the final call on whether to issue a report.
3. Keep any report simple. When reporting a security breach or other IT-related event, don't use highly technical terms. Keep the language clear.
Megan Santosus, a former senior editor at CIO Decisions, is now a features editor for SearchDataCenter.com. Write to her at msantosus@techtarget.com.
|
