How to provide cybersecurity advice

Featuring Audrey Katcher, CPA/CITP, CGMA, a partner with RubinBrown LLP

Video transcript:

CPA firms should be helping clients with cybersecurity and data security issues all through the lifecycle of that information. We should be there assessing and recommending how to secure information. We should be there helping clients understand what information needs to be secured. And we can take it all the way to an attestation that can be used by a third party. That’s what makes a CPA special is that we can do that attestation for third parties. But we need to look at ourselves and say, how can we help the client get ready for what they need to disclose in cybersecurity?

The SOC (service organization controls) for cybersecurity is a perfect example. That guidance is out. We can use some of that guidance now to use it as an advisory project with our clients to give them an understanding of how they can set up the cyber risk management program. The expectations are there to report to the public. And so they need to start getting ready and we’re the best ones to help them through that process.

RESOURCES

Keeping you informed and prepared amid the coronavirus crisis

We’re gathering the latest news stories along with relevant columns, tips, podcasts, and videos on this page, along with curated items from our archives to help with uncertainty and disruption.

SPONSORED REPORT

Getting leases in line

ASC Topic 842 is a relatively simple standard that can mean profound changes for organizations with leases. This report examines what makes this standard challenging and describes new ways for CPAs to add value.