The SEC takes the position that public companies must assess and calibrate internal accounting controls for the risk of cyber frauds.
A decline in accounting fraud has freed up time for SEC staff to prioritize internal controls over financial statements.