As high profile cyber attacks become more common, executive management teams are becoming increasingly concerned. In order to exercise their fiduciary duty, boards need to have confidence that the organization has a “defensible” cybersecurity risk management program in place. Other stakeholders such as management, investors, regulators and potentially customers are seeking greater transparency in order to gain a deeper understanding of an organization’s cybersecurity risk management program.
To address this need, the AICPA has issued a reporting framework and related guidance through which organizations can communicate relevant information to key stakeholders. PwC works with organizations across all industries to determine the appropriate path for providing the assurance their stakeholders demand.
Our cybersecurity professionals can:
Cybersecurity Attestation reporting can benefit organizations by: