TEXT-EXTRACT 2 filename2.txt April 8, 2019 Gregory S. Clark President, Chief Executive Officer and Director Symantec Corporation 350 Ellis Street Mountain View, CA 94043 Re: Symantec Corporation Form 10-K for the fiscal year ended March 30, 2018 Filed October 26, 2018 Form 10-Q for the fiscal period ended December 28, 2018 Filed February 4, 2019 File No. 000-17781 Dear Mr. Clark: We have reviewed your March 14, 2019 responses to our comment letter and have the following comments. In some of our comments, we may ask you to provide us with information so we may better understand your disclosure. Please respond to these comments within ten business days by providing the requested information or advise us as soon as possible when you will respond. If you do not believe our comments apply to your facts and circumstances, please tell us why in your response. After reviewing your response to these comments, we may have additional comments. Unless we note otherwise, our references to prior comments are to comments in our February 21, 2019 letter. Form 10-K for the Year Ended March 30, 2018 Management's Discussion and Analysis of Financial Condition and Results of Operations, page 36 1. We note from your response to prior comment 1 that management periodically monitors customer retention and renewal rates for significant changes in each of your segments. Please clarify for us what you mean by "periodically monitors." Also, you state the comparability of your renewal and retention rates for your Enterprise Security segment are limited due to a divestiture in fiscal 2016 and an acquisition in early fiscal 2017. Please explain further why transactions from two years ago continue to impact the usefulness of these metrics. Also, describe further the changes made to the way you sell your Enterprise Gregory S. Clark FirstNameCorporation Symantec LastNameGregory S. Clark Comapany NameSymantec Corporation April 8, 2019 April 2 2019 Page 2 Page 8, FirstName LastName Security arrangements and how such changes impacted the usefulness of such measures. In addition, please provide us with the renewal and retention rates for each of the Enterprise Security and Consumer Digital Security segments for each quarter during the last three fiscal years. To the extent there have been significant fluctuations in such measures, particularly for the Consumer Digital Security segment, please explain further why a quantified discussion would not be useful to investors. Refer to Section III.B.1 of SEC Release 33-8350. Item 9A. Disclosure Controls and Procedures, page 52 2. We note your response to prior comment 2. In order for us to better understand the control deficiency identified and how you considered the potential magnitude of the control deficiency, please address the following as it relates to the transaction that was initially recorded as revenue rather than the majority of the transaction being recorded as deferred revenue: Explain further how the revenue misstatement was discovered during the Audit Committee investigation. Describe the transaction that resulted in this misstatement, clarify why the accounting changed and cite the specific accounting guidance applied. Describe the standard sales process and the individuals involved in the process, from negotiating to reviewing, closing, and recording a transaction, and how segregation of duties is considered. If the standard process differed for this particular transaction, please explain why. Please also explain if there were other circumstances in which the standard process was not followed and whether the Audit Committee reviewed and considered those transactions as a part of its investigation. Explain in more detail how the control identified in your response works, including the level of precision related to this control. For example, explain the nature of the revenue training and representations, and tell us why you believe if the sales personnel had been involved this control would have detected the misstatement on a timely basis. Explain in more detail the nature of the control deficiency. For example, clarify whether it is a design or operating effectiveness control deficiency. Also, explain in detail how the change in controls as described in your response would have prevented or detected a misstatement on a timely basis. With regards to the maximum amount or total number of transactions exposed to the deficiency, please explain in more detail how you determined the criteria for this additional population. Explain the characteristics that were unique to these additional transactions and the transaction resulting in the misstatement, and describe any differences related to the nature of these transactions. Tell us what percentage of your new 2018 sales contracts these additional contracts represented. Additionally, tell us why you did not consider any new sales contracts prior to fiscal 2018 in your analysis. Lastly, to the extent such population was limited to a certain product line or class of Gregory S. Clark FirstNameCorporation Symantec LastNameGregory S. Clark Comapany NameSymantec Corporation April 8, 2019 Page 8, April 3 2019 Page 3 FirstName LastName revenue, please explain why. Clarify whether the number of potential transactions exposed to the control deficiency in fiscal 2018 is indicative of what you might identify in a typical year. Provide an analysis of the potential magnitude of additional transactions, which includes the identified misstatement. In this regard, your response indicates you excluded the misstatement in the analysis provided. In addition, your analysis should consider the potential impact to income from continuing operations before taxes, income from continuing operations, and net income, and how that impacts your consideration of whether the identified adjustment rose to the level of a material weakness. As part of this analysis, please explain whether the additional potential magnitude determined was based on the full amount of revenue from those transactions being deferred, or part of the amount being deferred. If the latter, please explain the rationale. 3. You state on page 69 that the Audit Committee noted relatively weak and informal processes with respect to some aspects of review, approval and tracking of transition and transformation expenses. Also, in the Form 8-K furnished on November 1, 2018 you refer to adjustments to stock-based compensation, certain other operating expenses and income taxes. Tell us whether any adjustments related to each of these matters relate to the revenue misstatement or to the related control deficiency. To the extent these adjustments were separate from the revenue misstatement, please describe any control deficiencies related to these adjustments, and tell us how you considered these control deficiencies in aggregation with the other control deficiencies identified, including the control deficiency related to the revenue misstatement. Lastly, tell us whether these adjustments arose from control deficiencies impacting any of the COSO components outside of control activities, including consideration related to aggregation of the control deficiencies. 4. Your disclosures on page 69 also indicate that the Audit Committee identified certain behavior inconsistent with the company's Code of Conduct and related policies. Please address the following related to that disclosure: Further describe the behaviors identified and the roles of the individuals involved. Tell us whether any of those involved had financial reporting responsibilities. If so, explain whether you identified any control deficiencies, including with regards to the COSO components outside of control activities. Tell us whether the recent resignations of the Chief Operating Officer and Chief Financial Officer were related to the Code of Conduct issues and/or any other issues identified in the Audit Committee Investigation. If so, tell us how that impacted your assessment of whether you identified any control deficiencies, including with regards to the COSO components outside of control activities. Gregory S. Clark Symantec Corporation April 8, 2019 Page 4 Describe further the clarifications and enhancements made to the Code of Conduct and related policies. As part of your response, clarify whether other control deficiencies were identified as part of the process of making these enhancements. If so, please explain how these control deficiencies were considered in aggregation with the other existing control deficiencies. Form10-Q for the Quarter Ended December 28, 2018 Note 3. Revenues Performance Obligations, page 10 5. We note your response to prior comment 6. Considering the majority of the arrangements that include a license and interrelated deliverables are term-based licenses that are recognized over the contract term, please revise the table on page 11 to indicate as such. You may contact Brittany Ebbertt, Senior Staff Accountant, at 202-551-3572 or Kathleen Collins, Accounting Branch Chief, at 202-551-3499 if you have questions. Sincerely, FirstName LastNameGregory S. Clark Division of Corporation Finance Comapany NameSymantec Corporation Office of Information Technologies April 8, 2019 Page 4 and Services FirstName LastName