Guide: Reporting on an Entity's Cybersecurity Risk Management Program and Controls by American Institute of Certified Public Accountants

Appendix D

Trust Services Criteria for Security, Availability, and Confidentiality for Use as Control Criteria in the Cybersecurity Risk Management Examination

This appendix is nonauthoritative and is included for informational purposes only.

The trust services criteria for security, availability, and confidentiality and the related points of focus in this appendix have been extracted from TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Trust Services Criteria), issued in April 2017 by the AICPA’s Assurance Services Executive Committee. The complete text may be found at www.aicpa.org/cybersecurityriskmanagement.

The following table presents the trust services criteria and the related points of focus for security, availability, and confidentiality, which are applicable to a cybersecurity risk management examination. In the table, criteria and related points of focus that come directly from the Committee of Sponsoring Organizations of the Treadway Commission’s (COSO’s) 2013 Internal Control—Integrated Framework (COSO framework)1 are presented using a normal font. In contrast, criteria and points of focus that apply to engagements using the trust services criteria are presented in italics.

| TSP Ref. # | TRUST SERVICES CRITERIA AND POINTS OF FOCUS |
|---|---|
| | CONTROL ENVIRONMENT |
| CC1.1 | COSO Principle 1: The entity demonstrates a commitment to integrity and ethical values. |
| | The following points of ... |
