FREE MEMBERSHIP Includes » ABL Advisor eNews + iData Blasts | JOIN NOW ABLAdvisor Gray LOGIN ABLAdvisor Blue
 
Skip Navigation LinksHome / News / Read News

Print

AICPA: Regulators Should Establish, Implement Cybersecurity Risk Management Principals

January 23, 2017, 07:25 AM
Filed Under: Technology
Related: AICPA, Cybersecurity

The Association of International Certified Professional Accountants (the Association), a new organization composed of the American Institute of CPAs (AICPA) and the Chartered Institute of Management Accountants (CIMA), has provided comments on three Federal agencies’ advance notice of proposed rulemaking (ANPR) regarding enhanced cyber risk management standards for large and interconnected entities and their service providers.

“We applaud the agencies’ efforts to increase the operational resilience of entities and reduce the impact of cyber events,” wrote Susan S. Coffey, CPA, CGMA, the Association’s executive vice president for public practice, in a January 17 letter to the Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System and the Federal Deposit Insurance Corporation. “The Association believes that today’s marketplace is driving the need for strengthened cybersecurity in all types of organizations.”

“We believe that the regulatory community can best serve the public interest and national security by coordinating to establish and implement common, overarching principles related to cybersecurity risk management,” Coffey stated. “A consistent set of high-level principles or best practices (as opposed to specific, detailed, prescriptive rules or requirements), would keep the focus on agility and responsiveness to an ever-evolving challenge, to stay one step ahead of, not behind, current and future risks.”

“…[T]here are already a number of strong voluntary cybersecurity risk management frameworks available to companies to follow in designing effective cybersecurity risk management programs, Coffey observed. “We believe that the cybersecurity risk management reporting framework that we have developed complements these frameworks and serves as a critical step to enabling a consistent, market-based, business-based mechanism for companies to effectively communicate with key stakeholders on how they’re managing cybersecurity risk.”

Coffey noted that it while it is well understood that it is impossible to guarantee the prevention of a cybersecurity breach, this framework “will enable companies to demonstrate and communicate due diligence and due care in their management of cybersecurity risk in a consistent manner, serving the needs of multiple stakeholders with a single approach.”

The full text can be viewed here.







Comments From Our Members

You must be an ABL Advisor member to post comments. Login or Join Now.

Sector/Economic Data
U.S. Census Bureau – U.S. Department of Commerce
March 2022 Construction Spending Report
U.S. Census Bureau – U.S. Department of Commerce
Full Report on Manufacturers' Shipments, Inventories and Orders - March 2022
view all sector/economic data
Featured Articles
Commercial Finance M&A in 2024: What to Expect After a Slow Year of Deal Flow
Commercial finance M&A was slow in 2023 due to economic uncertainty...
by Tim Stute and Chris Hemler
Full Contact ABL: Collateral Versus Enterprise Value ABL
Charlie Perer contrasts Collateral-focused and Enterprise Value...
by Charlie Perer
Most Popular | All Articles
Sponsored Content
CFG Merchant Solutions Underwriter Academy
CFGMS is proud to announce our new program: Underwriter Academy! Fast-track into a position with one of our producing underwriting teams.
sponsored by:
LEARN MORE