Cybersecurity Resource Center
With cyberattacks on the rise, organizations are looking at how to best protect their client and customer information – and inform stakeholders of their efforts. The AICPA provides resources to help organizations and businesses, including CPA firms, assess risks. We’re also assisting CPAs as they provide advisory or assurance services on clients’ risk programs. Click on the boxes below to learn more.
(including CPA Firms)
- Identify potential internal risks
- Take proactive steps to safeguard information
- Help clients identify and address cybersecurity risks
- Share expertise and best practices
AICPA Featured Tools
Find the latest resources on cybersecurity.
- Cybersecurity in 2020: What you need to know
Join this Free CPE webcast on Wednesday, October 30 at 12pm ET.
- Quiz: Are you cybersecurity ready?
- Cybersecurity Risk Management Reporting Framework
Consists of description criteria, control criteria and an attestation guide.
- PCPS Exploring Cybersecurity Toolkit
Tools for firms interested in learning more about cybersecurity, how cybersecurity relates to firms and potential opportunities with clients.
- CGMA Cybersecurity Risk Management Tool
Helps companies monitor and manage the risk of cybersecurity threats and respond to potential breaches.
CPAs Helping to Fight Against Cyberattacks
Learn how CPAs can help businesses fight cyberattacks. Whether an organization is designing a new cybersecurity program or needs an assurance report on one already in place – CPAs skilled in information management and technology are ready to serve.More on AICPA TV
In the News
- 8 cybersecurity resources you literally need right now – AICPA Insights, July 31, 2019
- 4 ways to protect your data from the dark web – Journal of Accountancy, June 11, 2019
- Finance faces business email compromise – Financial Management, June 3, 2019
- How organizations can better fend off cyberattacks – Podcast from the Journal of Accountancy, May 27, 2019
- Here’s how much cybercrime can cost your company – Financial Management, May 3, 2019
- Smishing - what you need to know – AICPA Insights, October 15, 2018
- How to provide cybersecurity advice – Journal of Accountancy, June 21, 2018
- Deloitte poll: Firms plan adoption of AICPA's SOC for Cybersecurity framework – June 11, 2018
- Cybersecurity: A new engagement opportunity – Journal of Accountancy, October 1, 2017
For even more information, check out the AICPA's Insights blog for news and perspectives on cybersecurity.
Cybersecurity and employee benefit plans: Questions and answers
AICPA's Information Management and Technology Assurance (IMTA) Section
Committee of Sponsoring Organizations of the Treadway Commission (COSO)
- COSO Enterprise Risk Management - Integrating with Strategy and Performance
- COSO Internal Controls - Integrated Framework
- COSO in the Cyber Age
International Organization for Standardization (ISO) Cybersecurity
The Institute of Risk Management Cyber Risk Report
The Institute of Internal auditors (IIA)
- Assessing Cybersecurity Risk Roles of the Three Lines of Defense
- Additional supplemental guidance developed by IIA
The National Institute of Standards and Technology (NIST)