Reporting on an Entity's Cybersecurity Risk Management Program and Controls: Attestation Guide
Publication

When you're examining a cybersecurity risk management program and its controls, look to this authoritative guide for interpretive guidance. Includes a framework for providing stakeholders with useful, credible information about the effectiveness of an entity's cybersecurity efforts.

$80 - $100

Format: Subscription

Availability: 1 year

Key Topics
  • Interpretive guidance on performing and reporting on the new cybersecurity risk management examination
  • The description criteria issued in April 2017 by the AICPA's Assurance Services Executive Committee (ASEC), which may be used to evaluate the description of the entity's cybersecurity risk management program
  • The 2017 trust services criteria issued in April 2017 by ASEC, which may be used to evaluate the effectiveness of controls
  • Illustrative cybersecurity risk management reports, including an example organization's cybersecurity risk management program and a practitioner's report
Product Details

The stakes have never been higher in cybersecurity.

That's why your stakeholders are depending on you to deliver an airtight examination of risk management measures.

Our cybersecurity risk management reporting framework enables you to do this work, for companies of all sizes – in industries around the world.

A dynamic, proactive and agile approach to cybersecurity risk management

This authoritative guide shows you how to implement this framework when an organization seeks your opinion.

The guide includes two distinct but complementary sets of criteria that you can use in the examination.

Description criteria: Use this approach to describe a company's cybersecurity risk management program and inform users about the processes and controls implemented to mitigate cybersecurity risks.

The description criteria enable consistency and efficiency when communicating the extent and effectiveness of the cybersecurity risk management controls in place.

CPAs may use these same criteria to evaluate management's description.

Control criteria: Use the 2017 Trust Services Criteria as the control criteria when evaluating the effectiveness of a company's cybersecurity program.

CPAs may also use the criteria to evaluate the effectiveness of the controls within a client's program in the cybersecurity examination or when providing cybersecurity advisory services.

The cybersecurity risk management examination is part of the AICPA's suite of System and Organization Controls – or SOC – service offerings.

Who Will Benefit
  • CPAs looking to support clients' cybersecurity efforts – from readiness engagements performed under the consulting standards, to the new cybersecurity risk management examination
Pricing
Nonmembers
$100.00
AICPA Members
$80.00

Looking for group pricing?

We can help with group discounts. Call us at 1-800-634-6780 (option 1) or email us at salessupport@aicpa.org

More Details
Access
This is a digital product. You will have access to the content for 1 year after the purchase date. It is set to automatically renew upon expiration, at the current price and your membership level. Your credit card details will be saved to your account, and you will have the option to edit this auto-renewal after purchase.
Accessibility

The Association is dedicated to removing barriers to the accountancy profession and ensuring that all accountancy professionals and other members of the public with an interest in the profession or joining the profession, including those with disabilities, have access to the profession and the Association's website, educational materials, products, and services. The Association is committed to making professional learning accessible to all. This commitment is maintained in accordance with applicable law. For additional information, please refer to the Association's Website Accessibility Policy. For accommodation requests, please contact adaaccessibility@aicpa-cima.com and indicate the product that you are interested in (title, etc.) and the requested accommodation(s): Audio/Visual/Other. A member of our team will be in contact with you promptly to make sure we meet your needs appropriately.
