Pursuant to 5 CFR 1320.11(c), OMB files this comment on this information collection request (ICR). This OMB action is not an approval to conduct or sponsor an information collection under the Paperwork Reduction Act of 1995. This action has no effect on any current approvals. If OMB has assigned this ICR a new OMB Control Number, the OMB Control Number will not appear in the active inventory. For future submissions of this information collection, reference the OMB Control Number provided. The agency shall examine public comment in response to the NPRM and will describe in the supporting statement of its next collection any public comments received regarding the collection as well as why (or why it did not) incorporate the commenterâs recommendation. The next submission to OMB must include the draft final rule.
Inventory as of this Action
Requested
Previously Approved
12/31/2026
36 Months From Approved
12/31/2026
8,292
0
8,292
13,988,811
0
13,988,811
1,835,594,519
0
1,835,594,519
Form 10-K is filed by issuers of securities to satisfy their annual report obligations pursuant to Sections 13 and 15(d) of the Exchange Act.
If adopted, the proposed amendments would require additional disclosure of a registrantâs policies and procedures, if any, for the identification and management of risks from cybersecurity threats, a registrantâs cybersecurity governance, including the board of directorsâ oversight role regarding cybersecurity risks, and managementâs role and expertise in assessing and managing cybersecurity risk and implementing the registrantâs cybersecurity policies, procedures, and strategies, as well as disclosure regarding board member cybersecurity expertise, if any. The Commission also proposed to require registrants to provide updated disclosure relating to previously disclosed cybersecurity incidents and to require disclosure, to the extent known to management, when a series of previously undisclosed individually immaterial cybersecurity incidents has become material in the aggregate.
The Commission estimates that the amendments would result in an increase in the paperwork burden of affected entities. For purposes of the PRA, the Commission estimates that, for Form 10-K, the proposed amendments would result in an increase of 99,432 burden hours and $13,257,600 for the services of outside professionals.
On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control number;
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.