Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes whether public or private. Organizations are under increasing pressure to demonstrate that they are managing threats, and that they have effective processes and controls in place to detect, respond to, mitigate and recover from cybersecurity events. 

Cybersecurity yields potential business opportunities for a firm to better serve its clients. As a trusted business advisor, firm practitioners can provide advisory services that help companies spot cybersecurity weaknesses, identify potential risks and offer advice on how to safeguard information and systems. Learn how you can help your clients navigate threats by becoming a trusted business advisor for their organization's cybersecurity risk management programs. 

Learning Objectives:

• Articulate the nature and types of cybersecurity advisory services that can be performed
• Identify key considerations of each of those advisory services
• Recognize what one would need to effectively perform advisory services

Key Topics:

• Cybersecurity risk management program overview 
• Cybersecurity advisory service opportunities 
• Cybersecurity examination services versus advisory services 
• Cybersecurity frameworks, including the AICPA cybersecurity risk management program reporting framework 
• Drivers for cybersecurity advisory needs 
• Gap analysis and risk assessment 
• Common cybersecurity advisory services, such as SOC for Cybersecurity readiness assessments and penetration testing 
• Tools to effectively perform advisory services including qualifications and certifications, backgrounds and expertise, and other resources you would need to market and deliver in a quality manner

Free book with purchase Reporting on an Entitys Cybersecurity Risk Management Program and Controls Attestation Guide, ($89 value) is free when you purchase this certificate program. Created by the AICPA, this authoritative guide provides interpretive guidance to enable CPAs to examine and report on an entity's cybersecurity risk management program and controls within that program. The guide delivers a framework which has been designed to provide stakeholders with useful, credible information about the effectiveness of an entity's cybersecurity efforts.

AICPA is the sponsor of record for an digital badges earned. OSCPA does not maintain or award AICPA digital badges.