Cybersecurity and employee benefit plans: questions and answers
Resources
AICPA logo
Cart
searchSearch
search
burger
AICPA logo
  • Home
Abstract yellow image
Resources

Cybersecurity and employee benefit plans: questions and answers

4 years ago · 426.8 KB Download

Resource

available

These EBPAQC Qs & As help plan auditors understand cybersecurity risk in employee benefit plans, and to discuss cybersecurity risk, responsibilities, preparedness, and response with plan clients.

They address:

  • How EBPs are at risk for cyberattacks,

  • What plan information and assets are at risk,

  • Potential consequences of a cyber-attack,

  • Examples of cyber-threats to EBPs,

  • Fiduciary’s responsibilities for protecting plan information and responding to breaches,

  • The plan auditor’s responsibility for evaluating cybersecurity risk and controls in a plan audit,

  • Cybersecurity considerations when plan administration is performed by a third-party provider,

  • Whether a SOC 1 report addresses a plan’s internal control over cybersecurity controls and risk,

  • Resources available to help plans address their cybersecurity risks,

  • Effective practices and policies to protect against cyber-attacks, and

  • Resources available to help plan management determine the adequacy of the plan’s cybersecurity risk management strategy and program and related communications to plan fiduciaries and third parties.

Download the Cybersecurity and employee benefit plans: Questions and answers

File name: cybersecurity-and-ebp-questions-and-answers.pdf

What did you think of this?

Every bit of feedback you provide will help us improve your experience

What did you think of this?

Every bit of feedback you provide will help us improve your experience

Related content