This is a Self-Study / On-Demand event. In the event title, "Webcast" indicates the event has a self-paced webcast to view with the materials to complete the self-study. "Download" indicates the user downloads only the materials to complete the self-study.
|Full time Accounting Educator:||None|
Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes-whether public or private. Organizations are under increasing pressure to demonstrate that they are managing threats, and that they have effective processes and controls in place to detect, respond to, mitigate and recover from cybersecurity events. Cybersecurity yields potential business opportunities for a firm to better serve its clients. As a trusted business advisor, firm practitioners can provide advisory services that help companies spot cybersecurity weaknesses, identify potential risks and offer advice on how to safeguard information and systems. Learn how you can help your clients navigate threats by becoming a trusted business advisor for their organization's cybersecurity risk management programs.
Note: This is an on-demand/self-study course offered by a 3rd party vendor and will not be accessible in the CPE Tracker section of the OSCPA website. Course access information will be emailed directly to you by AICPA. The course expires one year from the purchase date.
Practitioners who are interested in providing cybersecurity advisory services and want to build their competencies in and understanding of these types of services. Likely participants may already have SOC for service organizations practices and are looking to expand into cybersecurity.
Participants must have either IT expertise or access to IT professionals who possess the skills to perform this work. CPAs in public accounting firms who are providing non-consulting and advisory services for clients of the firms (e.g. tax or A&A services) and need to be able to intelligently convey the value of a cybersecurity risk management program to their clients (to then hand off to the cybersecurity specialist within the firm). Management accountants and internal auditors who want to understand the types of services available to their organizations related to the management of cybersecurity risks
- Articulate the nature and types of cybersecurity advisory services that can be performed
- Identify key considerations of each of those advisory services
- Recognize what one would need to effectively perform advisory services
- Cybersecurity risk management program overview
- Cybersecurity advisory service opportunities
- Cybersecurity examination services versus advisory services
- Cybersecurity frameworks, including the AICPA cybersecurity risk management program reporting framework
- Drivers for cybersecurity advisory needs
- Gap analysis and risk assessment
- Common cybersecurity advisory services, such as SOC for Cybersecurity readiness assessments and penetration testing
- Tools to effectively perform advisory services including qualifications and certifications, backgrounds and expertise, and other resources you would need to market and deliver in a quality manner