AICPA Unveils Cybersecurity Risk Management

BY Nathan Kalepp

One only needs to skim the daily news to realize that hackers are getting better and cybersecurity is more important than ever. The most recent cyberattack was a strain of ransomware that spread itself across all workstations in a network, causing a global epidemic. It is estimated that this attack impacted more than 200,000 victims in at least 150 countries. Luckily, a programmer developed an internal “kill switch,” which disabled the malware from spreading any further. Regardless of whether your system was impacted by this outbreak or not, there are many lessons to be learned; principally, the need to reinforce fundamental security practices to prepare for the future.

Taking these recent outbreaks into consideration, it is evident that organizations need to make cybersecurity risk management a top priority. To help leaders in the accounting profession reach this goal, the American Institute of Certified Public Accountants (AICPA) has unveiled a cybersecurity risk management reporting framework that will help companies and auditors communicate cyber risk readiness to stakeholders. The framework is long overdue. Until now, a common language for companies to communicate about their cybersecurity risk management was non-existent. The AICPA’s new framework includes three main resources:

  1. Description criteria used by management to explain the organization’s cybersecurity risk management program in a consistent manner and for use by CPAs to report on management’s description.
  2. Control criteria used by CPAs providing advisory or attestation services to evaluate and report on the effectiveness of the controls within a client’s program.
  3. Attest Guide, Reporting on an Entity’s Cybersecurity Risk Management Program and Controls, will be used to assist CPAs engaged to examine and report on an entity’s cybersecurity risk management program.

Cyber threats are constantly evolving; and unfortunately, your cash and customer information are desirable targets. Providing assurance to your team and stakeholders requires intentionality and a plan. Having strong cybersecurity measures in place will help safeguard sensitive information, and the AICPA’s new reporting framework will help you better communicate your preparedness to key stakeholders. If you need any guidance in this area, please reach out to one of our professional staff.

Dinner With Bauman

BY Bauman Associates

 

Students, don’t miss out on a free Dinner with Bauman!

Contrary to popular belief, there IS such a thing as a FREE dinner! Join accounting professionals from Bauman Associates on October 19th for pizza, door prizes and a unique opportunity to find out what it is like to work in a public accounting firm. Students will also learn about the employment opportunities Bauman offers and network with leaders in the field. This event will take place in Centennial Hall at UWEC, Room 320 from 4:00 – 6:30 pm. Space is limited and there is a deadline, so fill out and submit your application today (or by Thursday, October 12th). We look forward to seeing you there!

 Click here for Dinner with Bauman Application