Fingerprint graphic, Cybersecurity


Cybersecurity risk management examination

Staying one step ahead

Organizations that view cybersecurity reporting and cyber risk management as an opportunity can use it to lead, navigate, and even disrupt in the evolving marketplace. Explore our collection of articles designed to help you stay one step ahead.

Cyber risk management oversight and reporting: Better standards and independent scrutiny for increased transparency

Whether it’s the relentless wave of breaches or the ongoing saga of cybercriminals targeting some of the world’s largest financial services firms, organizations are constantly trying to defend and safeguard against the next cyberattack. Reuters Solutions recently conducted an interview with two Deloitte Risk and Financial Advisory professionals, Gaurav Kumar and Jeff Schaeffer from Deloitte & Touche LLP, to better understand how the cybersecurity reporting landscape is evolving with the introduction of the American Institute of Certified Public Accountants’ (AICPA) cybersecurity attestation reporting framework.

Learn how the voluntary AICPA cybersecurity attestation reporting framework can benefit your organization’s cyber risk management efforts—and what you can do now to prepare.

Back to top

The value of visibility: Cybersecurity risk management examination

Stakeholders are calling for greater visibility into an organization’s cybersecurity risk management program.

In response, the American Institute of Certified Public Accountants (AICPA) has developed new guidance to better evaluate and report on an entity’s cybersecurity risk management program. This report discusses the AICPA's new cybersecurity risk management examination reporting framework. It also offers a readiness assessment approach to help organizations prepare.

Back to top

Raising the bar for cyber risk management oversight and reporting

In this article, featured in both the National Association of Corporate Directors (NACD) Directorship Magazine and Risk & Compliance Journal from the Wall Street Journal, Sandy Herrygers, partner, Deloitte & Touche LLP, and Gaurav Kumar, principal, Deloitte & Touche LLP, discuss:

  • The evolving cyber threat landscape.
  • The role of boards in providing cyber risk oversight.
  • AICPA cybersecurity examination engagement guidance to address expectations of greater stakeholder transparency and assurance in cyber risk reporting.

Read more to learn ways organizations can begin to prepare for a future cybersecurity examination engagement.

Back to top

The flip side: Cyber risk management oversight and reporting

It’s not a matter of if, but when, a cyberattack will occur. So when faced with the inevitable, how can your organization implement a sound cyber risk management program? And how can you demonstrate the effectiveness of that program to your stakeholders? Taking a proactive approach establishes a strong foundation for addressing cyber risk, enabling the organization to achieve greater operational efficiencies and also add value—helping your stakeholders gain confidence and obtain reliable information to support informed decision making, creating brand differentiation, and enhancing your reputation.

Learn more about the flip side of cyber risk management oversight and reporting and proactive steps to protecting and advancing your brand.​

Back to top

hallway in server room

Survey results on cyber risk management oversight and reporting

During a recent Dbriefs webcast, Deloitte surveyed over 3,400 professionals to gain insights into their views on cyber risk management oversight and reporting. Learn more about what they had to say.

Back to top

Get in touch

Sandra (Sandy) Herrygers
Partner | Deloitte Risk and Financial Advisory
Deloitte & Touche LLP
+1 313 396 3475

Gaurav (GK) Kumar
Principal | Deloitte Risk and Financial Advisory
Deloitte & Touche LLP
+1 212 436 2745

Did you find this useful?