You continue to hear about cybersecurity and risk management when it comes to your audits. Yet, what are the next steps once you’ve inquired about a client’s risk management plan? Better yet, what are the next steps when you find out there is no plan? This session will provide insight into how and why CPAs and accounting professionals should be involved in these inquiries and processes. Cybersecurity risk management best practices, frameworks, and how to tie these into strategic initiatives will be discussed.
Recognize the importance of an auditor’s role in evaluating a client’s cybersecurity risk management system and process.
Select proper audit procedures that fall under an auditor’s responsibility to test cybersecurity.
Recall cybersecurity frameworks and how these should be used in strategic planning.