Cybersecurity attestation: Building trust in your cybersecurity risk management program


All companies are vulnerable to cybersecurity threats. Not only are their brand and reputation at stake, but also their bottom line. And as reliance on third parties continues to grow, so too does the need for companies to fully engage an effective cybersecurity risk management program. Many are finding Cybersecurity Attestation reporting to be a valuable tool in providing greater transparency and mitigating risk.

In May 2017, the American Institute of Certified Public Accountants (AICPA) released a cybersecurity reporting and attestation framework to evaluate the effectiveness of cybersecurity risk management programs and provide guidance on completing a cybersecurity attestation report.

Potential benefits of an effective cybersecurity risk management program

Attestation reporting can provide stakeholders with comfort around the effectiveness of a company's risk management program and controls and can enhance reputation through transparency.

cybersecurity attestation risk management program

How we can help

As your reliance on third parties grows, so does the need to foster trust and transparency with those organizations. PwC’s Trust and Transparency Solutions practice explores every angle of the third party equation, identifying weaknesses and interconnected risks, building better protections across business ecosystem, while providing the assurance your stakeholders need.

Contact us

Todd Bialick
Trust and Transparency Solutions Leader, PwC US
Tel: +1 (973) 236 4902

Mark Cornish
Cybersecurity Attestation Services Leader
Tel: +1 (267) 330 3183

Follow us