How to provide cybersecurity advice

Featuring Audrey Katcher, CPA/CITP, CGMA, a partner with RubinBrown LLP

Video transcript:

CPA firms should be helping clients with cybersecurity and data security issues all through the lifecycle of that information. We should be there assessing and recommending how to secure information. We should be there helping clients understand what information needs to be secured. And we can take it all the way to an attestation that can be used by a third party. That’s what makes a CPA special is that we can do that attestation for third parties. But we need to look at ourselves and say, how can we help the client get ready for what they need to disclose in cybersecurity?

The SOC (service organization controls) for cybersecurity is a perfect example. That guidance is out. We can use some of that guidance now to use it as an advisory project with our clients to give them an understanding of how they can set up the cyber risk management program. The expectations are there to report to the public. And so they need to start getting ready and we’re the best ones to help them through that process.

SPONSORED REPORT

Implementing a global statutory reporting maturity model

Assess your organization's capabilities and progress toward an ideal state of global statutory reporting. Sponsored by Workiva.

100th ANNIVERSARY

Black CPA Centennial, 1921–2021

With 2021 marking the 100th anniversary of the first Black licensed CPA in the United States, a yearlong campaign kicked off to recognize the nation’s Black CPAs and encourage greater progress in diversity, inclusion, and equity in the CPA profession.