The LQ.AI Atlas LQ.AI's documentation, bound to the code it describes
234 documents
skills/action-items-from-client-alert/examples/example_clear_alert.md

Worked Example — Clear Alert

This example demonstrates Action Items from Client Alert handling a well-structured client alert with clear deadlines and applicability conditions.

Input

Alert date: 2026-02-15 Review date: 2026-05-07 (today) Document: Law firm client alert titled "SEC Adopts Final Cybersecurity Disclosure Amendments — Compliance Roadmap for 2026"

Optional inputs:

  • organization_context: "Publicly-traded technology company; Form 10-K filer; calendar fiscal year end."
  • relevant_business_areas: "all areas (full review)"
  • applicable_jurisdictions: "US federal"

Document (excerpts — actual alert is 4 pages):

CLIENT ALERT — SEC Adopts Final Cybersecurity Disclosure Amendments

February 15, 2026

On February 10, 2026, the Securities and Exchange Commission ("SEC") adopted final amendments to its cybersecurity disclosure rules under Regulations S-K and S-X. The amendments expand on the December 2023 cybersecurity disclosure rules and impose new requirements for issuer disclosure of cybersecurity governance, risk management, and material incident reporting.

Key Compliance Requirements:

  1. Form 8-K Item 1.05 — Material Cybersecurity Incident Reporting (already in effect since December 2023; amendments effective immediately). Issuers must report material cybersecurity incidents on Form 8-K within four (4) business days of determining materiality. The 2026 amendments clarify the materiality determination standard and add a requirement to update the original 8-K disclosure within three (3) business days of any material change in the disclosed information. Effective: immediately upon publication of the amendments.

  2. Annual Disclosure of Cybersecurity Governance (Item 106 of Regulation S-K, effective for fiscal years ending on or after December 15, 2026). Issuers must include in their Form 10-K disclosure of: (a) processes for assessing, identifying, and managing material cybersecurity risks; (b) board oversight of cybersecurity risks; (c) management's role in assessing and managing cybersecurity risks. The 2026 amendments expand the required disclosure to include (d) the board's specific cybersecurity expertise (or absence thereof); and (e) a description of any cybersecurity incidents that, while not individually material, have collectively resulted in material harm. Effective for fiscal years ending on or after December 15, 2026.

  3. New Quarterly Cybersecurity Incident Summary (Item 106A of Regulation S-K, effective for fiscal years beginning on or after January 1, 2027). Issuers must include in each Form 10-Q a summary of any cybersecurity incidents during the reporting quarter, including those individually below the materiality threshold. Effective for fiscal years beginning on or after January 1, 2027.

  4. Cybersecurity Risk Factor Updates (Item 105 of Regulation S-K, effective for fiscal years ending on or after December 15, 2026). Issuers must update Form 10-K risk factors to specifically address: (a) reasonably likely cybersecurity threats; (b) the issuer's current cybersecurity posture relative to those threats; (c) reliance on third parties for cybersecurity protection; (d) any cybersecurity incidents during the prior fiscal year and their impact. Effective for fiscal years ending on or after December 15, 2026.

  5. Best Practice Recommendation: Pre-Incident Materiality Frameworks. The SEC notes in the adopting release that issuers should consider pre-establishing materiality determination frameworks to enable timely Form 8-K reporting in incident response. No specific deadline; best practice.

Process Considerations:

Issuers should consider the following implementation steps:

  • Update incident response plans to incorporate the 4-business-day reporting requirement and the 3-business-day update obligation.
  • Brief boards on the cybersecurity expertise disclosure requirement, particularly Item 106(d).
  • Develop documentation for cybersecurity governance processes that will support the Item 106 disclosures.
  • Coordinate between Legal, IT Security, and Investor Relations on incident response and disclosure procedures.

Looking Ahead:

The SEC has indicated it expects to issue additional guidance on materiality determinations in the second half of 2026. Industry participants should monitor for this guidance.

This alert is for general informational purposes only and is not legal advice.

Output

Action Items from Client Alert: SEC Final Cybersecurity Disclosure Amendments

Source document: Client Alert dated February 15, 2026 — "SEC Adopts Final Cybersecurity Disclosure Amendments" Alert date: February 15, 2026 Organization context: Publicly-traded technology company; Form 10-K filer; calendar fiscal year end Relevant business areas: All areas (full review) Applicable jurisdictions: US federal

Context summary

The SEC adopted final amendments to its cybersecurity disclosure rules on February 10, 2026, expanding the December 2023 cybersecurity disclosure framework. The amendments add new requirements around Form 10-K cybersecurity governance disclosures, Form 10-Q quarterly incident summaries, expanded risk factors, and clarifications to Form 8-K materiality determinations. For calendar-fiscal-year filers like the user, the most consequential effective dates are December 15, 2026 (for the FY 2026 Form 10-K) and January 1, 2027 (for Q1 2027 Form 10-Q).

Mandatory action items

Past-deadline items

None. (The Form 8-K amendments are effective immediately as of February 10, 2026, but they are an ongoing obligation rather than a missed deadline; see "Ongoing obligations.")

Imminent (within 30 days)

None. Nearest deadlines are several months out for fiscal-year-end-driven items.

Near-term (30 days to 6 months)

None within this window.

Future (beyond 6 months)

1. Annual cybersecurity governance disclosure in FY 2026 Form 10-K

What: include in the FY 2026 Form 10-K the required Item 106 cybersecurity governance disclosures, including (newly required) board cybersecurity expertise (or absence thereof) and disclosure of incidents that are individually below materiality but collectively material.

Deadline: Form 10-K filing for fiscal year ending December 15, 2026 (calendar fiscal year end → 10-K typically filed by March 1, 2027 for accelerated filers, or earlier for large accelerated filers).

Owner: Legal (corporate / securities) coordinated with IT Security, Internal Audit, Board / Audit Committee.

Source citation: Item 2 of the alert, citing Item 106 of Regulation S-K as amended.

Applicability: Applicable to user as a publicly-traded Form 10-K filer.

2. Cybersecurity risk factor updates in FY 2026 Form 10-K

What: update Form 10-K Item 105 risk factors to specifically address: (a) reasonably likely cybersecurity threats; (b) current cybersecurity posture; (c) third-party cybersecurity reliance; (d) prior-fiscal-year incidents and their impact.

Deadline: Form 10-K filing for fiscal year ending December 15, 2026 (same as Item 1 above).

Owner: Legal (corporate / securities) coordinated with IT Security and Risk Management.

Source citation: Item 4 of the alert, citing Item 105 of Regulation S-K as amended.

Applicability: Applicable to user as a publicly-traded Form 10-K filer.

3. Quarterly cybersecurity incident summary beginning Q1 2027

What: beginning with Form 10-Q for Q1 2027, include a summary of any cybersecurity incidents during the reporting quarter, including those below the materiality threshold.

Deadline: First applicable Form 10-Q is for Q1 2027 (calendar fiscal year), typically filed by May 10, 2027.

Owner: Legal (corporate / securities) coordinated with IT Security.

Source citation: Item 3 of the alert, citing Item 106A of Regulation S-K as amended.

Applicability: Applicable to user as a Form 10-Q filer.

Ongoing obligations

4. Material cybersecurity incident reporting on Form 8-K

What: report material cybersecurity incidents on Form 8-K within four (4) business days of determining materiality. Update original 8-K disclosure within three (3) business days of any material change in disclosed information.

Periodicity: Triggered by incident occurrence.

Owner: Legal (corporate / securities) coordinated with IT Security and Investor Relations; established incident response procedures should incorporate this trigger.

Source citation: Item 1 of the alert; Form 8-K Item 1.05.

Applicability: Applicable to user as a publicly-traded company.

Note: This is the existing requirement effective since December 2023, with clarifying amendments effective February 10, 2026. If the user's existing incident response procedures already implement the 4-business-day timeline, the new amendment to add a 3-business-day update obligation is the incremental change to address.

5. Pre-establish materiality determination framework

What: establish documented framework for determining materiality of cybersecurity incidents to enable timely Form 8-K reporting.

Why recommended: the 4-business-day reporting clock starts on materiality determination, not incident discovery. A pre-established framework reduces the time pressure and supports defensibility of the materiality determination.

Owner: Legal (corporate / securities), in consultation with IT Security and external counsel.

Source citation: Item 5 of the alert; SEC adopting release.

Applicability: Applicable to user.

Informational items

  • SEC has indicated additional guidance on materiality determinations expected in the second half of 2026. Monitor for guidance; may affect framework decisions for Item 5 above.

Items where applicability is unclear

None. All items in the alert are clearly applicable to the user as a publicly-traded technology company.

Items not applicable to user's organization

None.

Source references and follow-ups

  • Underlying regulations: Regulation S-K (Items 105, 106, 106A) and Regulation S-X as amended.
  • Adopting release: SEC Release No. 33-XXXX (referenced in alert); obtain for the legal team's compliance file.
  • Suggested follow-ups:
    • Coordinate with the user's auditor on disclosure controls implications for the Item 106 governance disclosures.
    • Brief Audit Committee and Board on cybersecurity expertise disclosure requirement in advance of FY 2026 Form 10-K drafting.
    • Update internal incident response runbooks to reflect the 4-business-day Form 8-K reporting clock and the 3-business-day update obligation.
    • Establish process for tracking and aggregating non-individually-material cybersecurity incidents for the new Item 106 collective-impact disclosure.

Notes on this extraction

Extraction was straightforward; the alert is well-structured with explicit effective dates and clear applicability. Two interpretation steps: (a) translating "fiscal years ending on or after December 15, 2026" to specific filing dates for the user (calendar-year filer → FY 2026 ends December 31, 2026); (b) translating "fiscal years beginning on or after January 1, 2027" to first applicable Form 10-Q (Q1 2027). Both translations are deterministic given the user's calendar fiscal year.

What this example demonstrates

  • Well-structured alerts produce clean extractions. The alert had explicit effective dates, applicability conditions, and itemized requirements; the extraction is mechanical.
  • Context summary is brief and orienting. Two sentences setting up the regulatory development, plus one sentence noting the most consequential effective dates. The user can stop reading after the context summary if they want and still know the bottom line.
  • Deadlines are translated to user-specific dates. The alert says "fiscal years ending on or after December 15, 2026"; the report translates this to the user's calendar fiscal year and the corresponding 10-K filing date. This translation is in scope because it's deterministic.
  • Owner suggestions are functional. Legal (corporate / securities) is the natural coordinator; coordinating functions (IT Security, Investor Relations, Internal Audit, Board/Audit Committee) are noted. The skill does not invent specific roles ("Sue in Legal").
  • Recommended action items get their own section. The pre-established materiality framework is recommended, not mandatory; calling it out separately preserves the distinction.
  • Informational items are concise. One bullet on expected SEC guidance; not padded with adjacent commentary.
  • Source references include specific follow-ups. The "obtain the adopting release" recommendation supports compliance documentation; the Audit Committee briefing recommendation is concrete next-step guidance.
  • Notes on extraction document the interpretation. The two interpretation steps (fiscal year translations) are flagged so the user knows where the skill made calls. If the user has a non-calendar fiscal year, this section is the place to verify the translations.