With cyberattacks on the rise, organizations are looking at how to best protect their client and customer information – and inform stakeholders of their efforts. The AICPA provides resources to help organizations and businesses, including CPA firms, assess risks. We’re also assisting CPAs as they provide advisory or assurance services on clients’ risk programs. Click on the boxes below to learn more.
- Identify potential internal risks
- Take proactive steps to safeguard information
- Help clients identify and address cybersecurity risks
- Share expertise and best practices
AICPA Featured Tools
Find the latest resources on cybersecurity.
- Cybersecurity Risk Management Reporting Framework
Consists of description criteria, control criteria and an attestation guide.
- PCPS Exploring Cybersecurity Toolkit
Tools for firms interested in learning more about cybersecurity, how cybersecurity relates to firms and potential opportunities with clients.
- CGMA Cybersecurity Risk Management Tool
Helps companies monitor and manage the risk of cybersecurity threats and respond to potential breaches.
CPAs Helping to Fight Against Cyberattacks
Learn how CPAs can help businesses fight cyberattacks. Whether an organization is designing a new cybersecurity program or needs an assurance report on one already in place – CPAs skilled in information management and technology are ready to serve.More on AICPA TV
In the News
- How to provide cybersecurity advice - June 21, 2018
- Deloitte poll: Firms plan adoption of AICPA's SOC for Cybersecurity framework - June 11, 2018
- How board members can perform oversight of cybersecurity risks - June 1, 2018
- Disclosing Your Company's Cyber Risks -- Stakeholders Should Know What? - May 8, 2018
- Accountants can help companies meet SEC demand for cybersecurity disclosures - March 27 2018
- Tax pros: How are you protecting your clients’ data? - March 9, 2018
- You're hacked. What's your cybersecurity liability? - AICPA Insights, October 24, 2017
- Cybersecurity: A new engagement opportunity - Journal of Accountancy, October 1, 2017
For even more information, check out the AICPA's Insights blog for news and perspectives on cybersecurity.
Committee of Sponsoring Organizations of the Treadway Commission (COSO)
- COSO Enterprise Risk Management - Integrating with Strategy and Performance
- COSO Internal Controls - Integrated Framework
- COSO in the Cyber Age
The Institute of Risk Management Cyber Risk Report
The Institute of Internal auditors (IIA)
- Assessing Cybersecurity Risk Roles of the Three Lines of Defense
- Additional supplemental guidance developed by IIA
The National Institute of Standards and Technology (NIST)