Cybersecurity risk management examination
Staying one step ahead
Organizations that view cybersecurity reporting and cyber risk management as an opportunity can use it to lead, navigate, and even disrupt in the evolving marketplace. Explore our collection of articles designed to help you stay one step ahead.
- The cybersecurity examination
- A proactive and pragmatic approach
- Cyber risk management oversight and reporting
- Raising the bar
- The flip side
The value of visibility: Cybersecurity risk management examination
Stakeholders are calling for greater visibility into an organization’s cybersecurity risk management program.
In response, the American Institute of Certified Public Accountants (AICPA) has developed new guidance to better evaluate and report on an entity’s cybersecurity risk management program. This report discusses the AICPA's new cybersecurity risk management examination reporting framework. It also offers a readiness assessment approach to help organizations prepare.
A proactive and pragmatic approach to cyber risk management
How to use the new AICPA cybersecurity attestation reporting framework
In this article, featured in Treasury & Risk magazine, Gaurav Kumar and Jeff Schaeffer from Deloitte & Touche LLP highlight the key elements of the American Institute of Certified Public Accountants (AICPA) cybersecurity attestation reporting framework, which is intended to help organizations evaluate and report on their cyber risk management programs.
Learn more about how a cyber-risk management examination engagement can help a company improve the transparency of its approach to cybersecurity.
Cyber risk management oversight and reporting: Better standards and independent scrutiny for increased transparency
Whether it’s the relentless wave of breaches or the ongoing saga of cybercriminals targeting some of the world’s largest financial services firms, organizations are constantly trying to defend and safeguard against the next cyberattack. Reuters Solutions recently conducted an interview with two Deloitte Risk and Financial Advisory professionals, Gaurav Kumar and Jeff Schaeffer from Deloitte & Touche LLP, to better understand how the cybersecurity reporting landscape is evolving with the introduction of the American Institute of Certified Public Accountants’ (AICPA) cybersecurity attestation reporting framework.
Learn how the voluntary AICPA cybersecurity attestation reporting framework can benefit your organization’s cyber risk management efforts—and what you can do now to prepare.
Raising the bar for cyber risk management oversight and reporting
In this article, featured in both the National Association of Corporate Directors (NACD) Directorship Magazine and Risk & Compliance Journal from the Wall Street Journal, Sandy Herrygers, partner, Deloitte & Touche LLP, and Gaurav Kumar, principal, Deloitte & Touche LLP, discuss:
- The evolving cyber threat landscape.
- The role of boards in providing cyber risk oversight.
- AICPA cybersecurity examination engagement guidance to address expectations of greater stakeholder transparency and assurance in cyber risk reporting.
Read more to learn ways organizations can begin to prepare for a future cybersecurity examination engagement.
The flip side: Cyber risk management oversight and reporting
It’s not a matter of if, but when, a cyberattack will occur. So when faced with the inevitable, how can your organization implement a sound cyber risk management program? And how can you demonstrate the effectiveness of that program to your stakeholders? Taking a proactive approach establishes a strong foundation for addressing cyber risk, enabling the organization to achieve greater operational efficiencies and also add value—helping your stakeholders gain confidence and obtain reliable information to support informed decision making, creating brand differentiation, and enhancing your reputation.
Learn more about the flip side of cyber risk management oversight and reporting and proactive steps to protecting and advancing your brand.
Survey results on cyber risk management oversight and reporting
During a recent Dbriefs webcast, Deloitte surveyed over 3,400 professionals to gain insights into their views on cyber risk management oversight and reporting. Learn more about what they had to say.
Get in touch
Gaurav (GK) Kumar
Sandra (Sandy) Herrygers