O'Reilly logo

Guide: Reporting on an Entity's Cybersecurity Risk Management Program and Controls by American Institute of Certified Public Accountants

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Appendix F-1

Illustrative Accountant’s Report in the Cybersecurity Risk Management Examination

This illustration is nonauthoritative and is included for informational purposes only.

Independent Accountant’s Report

To Management of ABC Entity:

Scope

We have examined the accompanying description of ABC Entity’s cybersecurity risk management program titled [insert title of management’s description] throughout the period [date] to [date] (description) based on the description criteria noted below. We have also examined the effectiveness of the controls within that program to achieve the entity’s cybersecurity objectives based on the control criteria noted below.

The criteria used to prepare the description are [name of the description criteria, e.g., AICPA Description Criteria for Management’s Description of an Entity’s Cybersecurity Risk Management Program] (description criteria); the criteria used to evaluate whether the controls within the entity’s cybersecurity risk management program were effective to achieve the entity’s cybersecurity objectives are [name of the control criteria, e.g., the criteria for security, availability, and confidentiality set forth in TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (AICPA, Trust Services Criteria) or other suitable criteria] (control criteria).

An entity’s cybersecurity risk management program is the set of policies, processes, and controls designed to protect ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required