O'Reilly logo

Guide: Reporting on an Entity's Cybersecurity Risk Management Program and Controls by American Institute of Certified Public Accountants

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Preface

(Updated as of May 1, 2017)

About AICPA Guides

This AICPA Guide, Reporting on an Entity’s Cybersecurity Risk Management Program and Controls, has been developed by the AICPA’s Assurance Services Executive Committee (ASEC) Cybersecurity Working Group, in conjunction with the Auditing Standards Board (ASB), to assist practitioners engaged to examine and report on an entity’s cybersecurity risk management program.

This guide is recognized as an interpretive publication as described in AT-C section 105, Concepts Common to All Attestation Engagements.1 Interpretative publications are recommendations on the application of Statements on Standards for Attestation Engagements (SSAEs) in specific circumstances, including engagements for entities in specialized industries. The SSAEs are also known as the attestation standards.

Interpretive publications are issued under the authority of the ASB after all ASB members have been provided an opportunity to consider and comment on whether the proposed interpretive publication is consistent with the SSAEs. The members of the ASB have found the attestation guidance in this guide to be consistent with the SSAEs.

Although interpretive publications are not attestation standards, AT-C section 105 requires the practitioner to consider applicable interpretive publications in planning and performing an attestation engagement because interpretive publications are relevant to the proper application of the SSAEs in specific circumstances. If the practitioner ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required