As part of European Cyber Security Month, we interviewed Jim Bourke, Partner at WithumSmith+Brown on his top tips on cyber security for chartered professional accountants.
1. I’m a CPA. I know nothing about cyber security. How can I get involved in this space?
"As a CPA you are perfectly positioned to get involved in this space. As CPAs we understand analysis and testing of controls.
In an audit engagement we test IT general controls. I view many cyber security engagements as simply an expansion on the testing of controls around a company’s cyber security readiness.
The AICPA & CIMA have a massive amount of content around this space, not to mention a significant number of webinars and conferences, like AICPA & CIMA Cyber Security U.S., where you can hear from top thought leaders speaking around these topics."
Q2. As a CPA, where do I go to get up to speed on cyber security training to help advise my clients?
"A big thing at the moment is phishing scams - CPAs have the opportunity to really guide their clients around the cyber security concerns here.
CPAs are the trusted advisors that clients come to for everything - I'll teach you practical tips to show you the types of things you can guide your clients with.
I’ll be talking about this in my conference topic in November actually!
The AICPA also has an amazing amount of content around the new SOC for cyber security offering. In fact, there’s a certificate you can earn after completing training and an exam.
In addition, the US Department of Homeland Security‘s website has a wealth of information available around this topic."
Read more about Jim's session at AICPA & CIMA Cyber Security U.S.
Q3. I have heard a lot about the new cyber security assurance report. Can you tell me more?
"Sure, I am super excited about this offering. This is a product offering that can only be offered by CPA’s! So, we (CPAs) own this space.
The new SOC for cyber assurance engagement basically reports on a company’s cyber security readiness!
We have a massive amount of resources available to us in this space and a tremendous amount of guidance to assist the CPA in performing the engagement."
Read more about the cyber security assurance report.