The Accounting Policy & Practice Report ® provides financial accounting policy makers, advisors, and practitioners with the latest news, expert insights, and guidance on emerging, evolving,...
By Todd Cheney
Accountants and auditors must intensify efforts to warn investors of growing cybersecurity risks that can threaten companies across their entire systems, the Center for Audit Quality’s professional practice managing director said.
The accounting profession must help ensure the transparency of company cybersecurity networks and their impact on financial reporting as part of strong internal controls over financial reporting (ICFR), the CAQ’s Catherine Ide said in a video interview recorded during the American Institute of CPAs’ National Conference on Current SEC and PCAOB Developments. The Center for Audit Quality is Affiliated with the AICPA.
Unfortunately, “the breaches we see happening generally are at a network or a perimeter level and not in scope from a financial statement or ICFR audit perspective,” Ide said. Auditors wouldn’t necessarily catch those breaches.
However, “if there is a material breach, [it is] the auditor’s responsibility to assess that impact on the financial statements, especially in consideration of disclosures and internal controls over financial reporting,” Ide said.
“A financial statement of internal control over financial reporting audit is generally a subset of the overall aggregate IT systems and data that a company uses to manage its business operations in totality,” Ide said. “It’s an auditor’s responsibility to maintain an understanding of the company’s information technology environment as well as the IT impact on the financial statements.”
When asked how the accountant’s role could evolve in cybersecurity, Ide said, “our core competencies around understanding enterprise-wide risks, as well as management’s response to those risks in the form of controls, benefit our ability to provide confidence in that information to the stakeholders at large.”
The AICPA Cybersecurity Risk Management Framework can help corporations in that process by permitting companies to “communicate in a common language about their cybersecurity risk management programs,” Ide said.
In the constantly evolving area of information technology, as companies face increased cyberattacks and heightened data susceptibility, auditors will need every imaginable tool to help corporate practitioners fight growing cybersecurity risk, Ide said.
To contact the reporter on this story: Todd Cheney in Washington at firstname.lastname@example.org
To contact the editor responsible for this story: S. Ali Sartipzadeh at email@example.com
Copyright © 2018 Tax Management Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)