Added Perspective

Cybersecurity Risk Management Oversight: A Tool for Board Members

May 9, 2018

By Center for Audit Quality

As regulators and investors scrutinize cybersecurity vulnerabilities and related disclosures by public companies, the Center for Audit Quality (CAQ) has published a paper written to assist board members in their oversight of enterprise-wide cybersecurity risk management. “Boards of directors face an enormous challenge in overseeing how their companies manage cybersecurity risk,” said CAQ Executive Director Cindy Fornelli. "Cybersecurity Risk Management Oversight: A Tool for Board Members" provides key questions board members can use as they discuss cybersecurity risks and disclosures with management and CPA firms.

 

The questions are grouped under four key areas:

  1. Understanding how the financial statement auditor considers cybersecurity risk
  2. Understanding the role of management and responsibilities of the financial statement auditor related to cybersecurity disclosures
  3. Understanding management’s approach to cybersecurity risk management
  4. Understanding how CPA firms can assist boards of directors in their oversight of cybersecurity risk management

The paper also compiles cybersecurity-related resources from the CAQ, the American Institute of CPAs, the National Association of Corporate Directors, and others. To read the full paper, click here.

 

 

Most Read

Top of the Agenda - Governance
Victory-USAA deal: New board leadership on deck

In an unusual move, the board overseeing USAA's mutual funds is planning to replace its long-serving independent chairman with an interested chair upon completion of Victory ...

Viewpoints
Government shutdown hits funds, fund boards

Many news reports have recounted how the partial government shutdown has affected government employees, shuttered national parks, and unsettled the stock market. But few, if any, ...