Proposed Changes to Privacy, Security Guidance Available


The AICPA released two proposals that would alter guidance for CPAs providing attestation services, advisory services or both that address IT-enabled systems including electronic commerce systems and privacy programs.

           

The guidance relates to providing services with respect to system security, availability, processing integrity, confidentiality and privacy.

           

The AICPA and the Canadian Institute of Chartered Accountants (CICA) are seeking feedback on an exposure draft that proposes changes to their privacy framework. The AICPA/CICA Generally Accepted Privacy Principles are designed to facilitate privacy compliance and effective privacy management.  

           

Comments on the proposal are due June 1.

           

The AICPA Trust Services/Data Integrity Task Force is seeking feedback on an exposure draft that proposes changes to certain other aspects of the Trust Services Principles and Criteria (TSPC). The proposal involves principles used to evaluate whether IT-enabled systems are reliable.

       

Comments on the proposal are due April 8.

 

SPONSORED REPORT

Why cybercriminals are targeting CPAs

This free report expands on the most commonly found scams, why education and specialized IT knowledge help to lessen security vulnerabilities, and why every firm should plan carefully for how it would respond to a breach.

PODCAST

How tax reform — and Excel — are changing the CPA Exam

Mike Decker, the vice president of examinations at the AICPA, discusses changes being made to the exam as a result of tax reform — and about how Excel will now be available for use on the test.