FRC report calls for improved digital security risk disclosure

The UK regulator shares disclosure recommendations designed to help organisations meet the needs of investors and be prepared for new reporting requirements.

Please note: This item is from our archives and was published in 2022. It is provided for historical reference. The content may be out of date and links may no longer function.

FRC report calls for improved digital security risk disclosure

The Financial Reporting Council (FRC) Lab on Wednesday issued Digital Security Risk Disclosure, a report designed to help UK companies effectively disclose information on digital security strategies, risks, and governance sought by investors.

The FRC, which sets UK corporate governance and stewardship codes, said in a news release that its research revealed that “disclosures are not meeting investor needs effectively and companies need to improve to address this”. And it’s not just about what investors want: The 31-page report stated that the UK government recently identified digital security as “a key business resilience issue” that must be addressed as a part of new reporting requirements on the horizon.

“Every company is now digital, so providing useful, relevant, and focused disclosure on digital security is critical,” Mark Babington, executive director of regulatory standards at the FRC, said in the release. “Investors need transparency in this area, and this report provides a key resource for companies looking to achieve this.”

The report offers guidance and real-world examples for reporting teams and risk teams involved in reporting and audit committees. The FRC recommended the need for more useful disclosures in four areas:

  • Strategy. Establish the importance of digital security and strategy to an organisation’s current and future business model, strategy, and environment.
  • Governance. Detail the organisation’s established governance structures, culture, and processes to support digital security and strategy.
  • Risk. Identify current and future risks and opportunities related to digital security and strategy that the organisation is facing.
  • Events. Highlight the impact of internal and external events and the organisation’s responses.

— To comment on this article or to suggest an idea for another article, contact Bryan Strickland at Bryan.Strickland@aicpa-cima.com.

Up Next

With greenhouse gas reporting, sizable gaps persist

By Bryan Strickland
September 5, 2025
Large companies in the UK are making progress as more sustainability reporting requirements approach, but they could face significant challenges when seeking assistance from smaller companies in their supply chain.
Advertisement

LATEST STORIES

With greenhouse gas reporting, sizable gaps persist

Accountability: Inescapable, challenging, and valuable

US business outlook brightens somewhat despite trade, inflation concerns

Elevating productivity through strategic business partnering

Mark Koziel Q&A: Talent, sense of community, profession opportunities

Advertisement
Read the latest FM digital edition, exclusively for CIMA members and AICPA members who hold the CGMA designation.
Advertisement

Related Articles