Organizations are under increasing pressure to demonstrate that they are managing cybersecurity threats, and that they have effective processes and controls in place to detect, respond to, mitigate and recover from breaches and other security events.
To address this need, the AICPA has developed a cybersecurity risk management reporting framework that assists organizations as they communicate information about the effectiveness of their cybersecurity risk management programs.
In this video, Amy Pawlicki, vice president of Assurance & Advisory Innovation for AICPA, talks with James Schiavone about the reporting framework’s format and goals as well as how to get started with it.