AICPA advises on cybersecurity risk management

The American Institute of CPAs has developed a guide titled “Reporting on an Entity’s Cybersecurity Risk Management Program and Controls” to help CPAs examine and report on client organizations’ cybersecurity risk management programs.

Processing Content

The guide aims to help CPAs provide a new assurance service to evaluate a client’s description of its cybersecurity risk management program. The resulting report is hoped to help clients demonstrate to their stakeholders that they have sound cybersecurity procedures and practices.

This new guide comes on the heels of the release of description and control criteria for cybersecurity programs released by the AICPA last month.

“At the AICPA, we saw the emerging market need several years ago,” AICPA executive vice president Susan S. Coffey, CPA, CGMA said in a blog post. “We recognized that there hasn’t been a consistent, common language for describing and reporting on the cybersecurity risk management programs organizations put in place. This lack of transparency makes it difficult for stakeholders to determine whether an organization’s cybersecurity risk management plan effectively addresses potential threats … [This] framework is designed to meet the information needs of a broad range of third-party users. It provides organizations with a common language to use when evaluating and reporting on their cybersecurity efforts, and gives them a level of comfort that they’ve adequately considered best practices when designing, implementing and operating their programs.”

The guidelines were assembled by AIPCA’s Auditing Standards Board and Assurance Services Executive Committee. For more information, click here.

AICPA building in Durham, N.C.


For reprint and licensing requests for this article, click here.
Cyber Security Data security Technology AICPA
MORE FROM ACCOUNTING TODAY

The time saved by using AI is being eroded by the time spent verifying its outputs.

1h ago
6 Min Read
AI smart

Meaden & Moore, a Cleveland-based accounting, tax, advisory and forensic accounting firm, took an investment from private equity firm Unity Partners.

2h ago
1 Min Read
Rollins-Jim-MeadenMoore.jpg

Athletes from countries across the globe competing in the World Cup may be going home with an unwelcome prize this year: a hefty tax bill from the United States.

2h ago
11 Min Read
world-cup-match-us-belgium.jpg

The Regional Leader acquired Harris, Greene LLP, an accounting firm in Irvine, California, expanding its footprint in Southern California.

4h ago
1 Min Read
2022 Best Firms - Windes

New features and updates include a revamped Reconciliation Rules engine.

6h ago
2 Min Read
Sovos

Nashville firm Equitas Strategic Partners acquired McBride Accounting, a tax, accounting and business advisory firm in the Atlanta metropolitan area.

7h ago
1 Min Read
Nashville skyline