AICPA’s New Cybersecurity Proposal
As we build greater protections against cyberattacks, criminals find ways to adapt. They adjust their strategies to stay ahead of the law and avoid detection. Cybercriminals are going after executives and their tactics can be very convincing. As your clients’ CPA and trusted advisor, you might be the first to notice suspicious activity. Your clients may not even be aware of all the new threats that exist.
Responding to industry feedback, The AICPA wants to give CPAs a stronger arsenal with which to help their clients combat these threats. The proposed Cybersecurity Examination would be a type of audit specifically designed to assess clients’ cybersecurity controls.
The Maryland Association of CPAs explains on their website, “Although management and auditor assertions under the proposed level of specificity / standardization with respect to cybersecurity are not required by regulators, the engagements are designed to meet increased calls for shoring up and providing transparency to cybersecurity controls and risk management. As such, the intended audience for such reports includes stakeholders concerned about or responsible for overseeing cybersecurity risk management, such as the board of directors.”
There is a comment period until December 5, 2016. Read more about this and share with your colleagues!