A new cybersecurity risk management reporting framework for management and CPAs
The AICPA issued a new framework for cybersecurity risk management reporting Wednesday. The framework gives an organization’s management criteria for explaining its cybersecurity risk management program and provides CPAs with guidance to be used in engagements to report on clients’ cybersecurity controls.