Cybersecurity is one of the major areas of concern for our government as it faces threats to the nation's critical infrastructure. For organizations, prevention of compromise to their information assets makes this issue a priority as focus and resources are placed on the formation of information security policy and the implementation of control measures to prevent access and/or manipulation of their systems and data.
With the ever-increasing demands and requirements to ensure your organization’s or clients' business data, information, and systems are secure, the AICPA’s Information Management and Technology Assurance Center website provides the following content designed to help you in your own practice, as well as to serve as resources when advising or providing assurance to others.
With the rampant growth in cybercrime, it's no longer a question of if CPAs, their clients or their organization will become a victim, but when. The Top Cybercrimes, a white paper developed by the AICPA's IMTA Cybersecurity Task Force co-chair Steve Ursillo, and members, Jeff Streif and Lisa Traina, identifies and examines the cybercrimes that pose the strongest threats for CPAs. It features expert remediation guidance, real-life examples, statistics and invaluable resources that can help CPAs in their prevention, detection and recovery strategies.
AICPA Launches New Cybersecurity Resource Center for CPAs
From corporate hacking scandals to phishing scams aimed at individuals, cybersecurity is an urgent matter. No organization or client is entirely safe from cyberattacks and digital threats to businesses and government entities are likely to increase in the future. CPAs are well-positioned to take a leadership role on behalf of their clients or organizations by providing advisory or assurance services that address risks associated with cybersecurity. Visit the new AICPA Cybersecurity Resource Center to access cybersecurity news and information, including resources from IMTA’s Cybersecurity Task Force.
Communicating Cybersecurity Risks to the Audit Committee
|Visit the AICPA TV channel for webcast archives on Cybersecurity.
|Blogs / Articles
In this article, Joel Lanz, CPA/CITP/CFF, discusses how to talk about cybersecurity with the Audit Committee.
Weak Passwords Only Part of the Cybersecurity Problem
Tommie Singleton, CPA/CITP/CFF, recommends several steps organizations can take to improve cybersecurity efforts related to passwords. But Singleton, director of consulting services at US accounting firm Carr, Riggs & Ingram, cautions that relying on strong password policies alone is not nearly enough.
5 Steps CPAs Can Take to Fight Hackers
This article looks at the five biggest cybersecurity risks CPAs and their organizations face, then offers a five-step battle plan for the fight against cybercriminals.
How Clients Can Protect Their Tax Data from Hackers
In this article CPAs share best practices with clients to help them secure their tax information.
4 Cybersecurity Pitfalls to Avoid
This article describes how CPAs can help their client avoid common pitfalls.
5 Cybersecurity Precautions for Small CPA Firms
Learn the basic precautions that can significantly reduce your risk and mitigate damage if you experience a cybersecurity incident.
Download a comment letter
on the National Institutes of Standards and Technology’s (NIST’s) Small Business Information Security: The Fundamentals, a reference guideline developed by the NIST in partnership with the Small Business Administration (SBA) and the Federal Bureau of Investigation (FBI) as information security awareness outreach to the small business community.
Download a comment letter
on the National Institutes of Standards and Technology's (NIST's) Preliminary Cybersecurity Framework (Preliminary Framework) pursuant to the President's Executive Order 13636 on Improving Critical Infrastructure Cybersecurity.