Regulations | Deloitte CFR
You can find more about key regulations impacting corporate reporting by selecting the item you are interested in from the following table.
| Title | Description | Date issued |
|---|---|---|
| AICPA Framework related to Cybersecurity Risk Management | The American Institute of CPAs (AICPA) has introduced a market-driven, flexible and voluntary cybersecurity risk management reporting framework | May 31, 2017 |
| Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies (SEC) | The SEC on July 26, 2023, adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance. The Commission also adopted rules requiring foreign private issuers to make comparable disclosures. | |
| IIRC’s Integrated Reporting Framework | The IR Framework has been developed to meet this need and provide a foundation for the future. | Jan 19, 2021 |
| OSFI – Intelligence Led Cyber Resilience Testing (I-CRT) framework | OSFI – Intelligence Led Cyber Resilience Testing (I-CRT) framework | Apr 21, 2023 |
| OSFI – Updated Advisory re Technology and Cyber Security Incident Reporting | Technology and cyber security incident reporting advisory | Aug 13, 2021 |
| SASB – Sustainability Disclosures | In formulating its disclosure standards, SASB views sustainability as having five dimensions – environment; social capital; human capital; business model and innovation; and leadership and governance. | Nov 07, 2018 |