To help tax professionals and their clients manage cybersecurity risk, the American Institute of CPAs issued a voluntary reporting framework in April that lays out a “proactive and agile” approach to risk management, according to a statement from AICPA.
“Cybersecurity threats are escalating, thereby unnerving boards of directors, managers, investors and customers of businesses of all sizes — whether public or private,” Susan S. Coffey, executive vice president for public practice for AICPA, said in a statement.
The resources are designed to facilitate communication and risk management regarding cybersecurity.
(Related: A 7-Point Checklist for Advisors to Protect Against Cyberattacks)
In mid-April, AICPA’s Assurance Services Executive Committee released description criteria to help management teams lay out their cybersecurity program in a common language, and to help CPAs report on that program.