Cybersecurity Risk Management Oversight: A Tool for Board Members provides key questions board members can use as they discuss cybersecurity risks and disclosures with management and CPA firms. The questions are grouped under four key areas:
- Understanding how the financial statement auditor considers cybersecurity risk
- Understanding the role of management and responsibilities of the financial statement auditor related to cybersecurity disclosures
- Understanding management’s approach to cybersecurity risk management
- Understanding how CPA firms can assist boards of directors in their oversight of cybersecurity risk management
The tool also compiles cybersecurity-related resources from the CAQ, the American Institute of CPAs, the National Association of Corporate Directors, and others.