As per the instruction of our CEO, and as per her choice, this referred article is being written on the subject of introducing a new framework by American Institute of CPA for cyber security risk management as published in the professional journal named Journal of Accountancy. This publication was written by Ken Tysiac, who is acting as JOFA Editorial Director of this journal. This article was published on 26th April, 2017. In this article, the writer had emphasized on the newly introduced framework for securing the corporate user of accounting practices from the evil of cyber security with the identification of the risks of this evil and the required framework to get rid of it. This framework will be instrumental to safeguard the interests of the stakeholders of the business entities related cyber crime with increased general awareness of this crime which is going to be a gradual problem for the business entities (Ong, 2017).
As per Susan S. Coffey, CPA, CGMA and the executive vice president of AICPA for public practice, the risks of cyber security threat are increasing which is instrumental for making the stakeholders of the corporate in the forms of Board of Directors, investors, lenders, other associates, and customers nervous irrespective of its status of private or public sector. It is also being added by the executive vice president that still there is no acceptable platform to combat cyber crime by the companies in the form of common language; there are efforts to cultivate different methods, frameworks and controls to enhance development of programs related to cyber security risk management (Charleston, 2017).
This area of threat in the form of cyber security is proved to be emerging worries of risk management for the business entities across the global business world. It is also added by around 68% of the CGMA designated holders in 2015 survey that their business entities are concerned about the threat of cyber attacks in moderate or significant ways.
The global political situation is getting worsened with the interferences of terrorism. They are trying to hack the basic financial information of the business entities to pamper their own interests. In the process, they use to take help of the hackers who are their member and with high level of CIT competencies. Through these activities, they are trying to access the confidential financial information of the company like bank accounts and other financial position of the company. There are cyber threats occurring from the outsourced jobs also where the companies taking care of the accounting and financial work of the mother companies, may have the intention to hack those confidential information with individual unfair attempts of their employees. The information thus retrieved may be used for encroaching in the bank account of individual and corporate with the intention to drag money from that account to other account for personal interest. Moreover the confidential financial information can be passed on to the competitors for handsome amount in order to make them aware of the strategies of the company (Nicholson, 2016).
The framework of AICPA to combat cyber security is offered voluntarily and is also designed enabling the business entities to ensure effective communication about the risk and threat related to cyber security through cyber security risk management programs with the effort to spread general awareness about the related to activities of cyber security. There are two identified resources which can support to report within the framework were published by AICPA and are available in the aicpa.org (Aicpa, 2016). They are:
Description criteria may be used by the management of any business entity for the purpose of explaining the risk or threat related to cyber security though cyber security management program of that company in the manner which proves to be consistent with regular update of newly found threats to be identified for awareness and necessary action to be generated from the management of the company. CPAs have the liberty to use those criteria in order to ensure reporting on the description of the management of the identified program to avert cyber security risks. As this is open and voluntarily offered to the members, proper communication on this aspect is expected with the enhanced scope of research and development on the subject in order to ensure proper awareness through feedback of what is happening and subsequently which may come in this field (Aicpa, 2016).
This is an attestation or advisory service as provided by the CPAs in order to make strong recommendation for controlling the area of cyber security for their clients. These criteria will emphasize on the control area with special importance given on the applicability and effectiveness of the control prescribed which will suit as per the operation of the client.
There is an announcement of third resource which is scheduled to come into the light through publication of AICPA in May 2017. This resource is projected as a guide of attestation which will be in the form of Reporting on the enhanced scope of the cyber security risk management- its program and controls. This publication will made available for the CPAs to assist them, particularly for those professional who are being engaged in the area of examining and reporting on cyber security of any entity related to respective program on risk management.
This area of activity is generated to meet the increasing need on the field of identification of risks or threats related to cyber security. The said management programs with necessary prescribed controls are the result of identified requirements by AICPA Assurance Executive Committee. This framework can guide and assist the CPA by providing assurance services related to cyber security along with ensuring by the professionals though their experience in the field of technology controls in auditing information (Bailey, Miglio, & Richter, 2014).
As per the vice president, Coffey, this framework will fix the guideline to ensure consistent mechanism based on market requirement for the business entities globally in order to explain the modus operandi of managing the risks related to cyber security. As per the version of the vice president, identification of target audience is being specified in the forms of stakeholders like board of directors, business associates, audit committee and investors of any company. This program will give them enough value addition to ensure better knowledge of risk management efforts of cyber security with understanding the same better. The specified information derived from the cyber security risk management program of the company along with the valued opinion of CPAs will make the stakeholders confident about the proper care ensured by the management of the company through due diligence and care and this will raise an avenue to make more confident and perfect approach to rely on the management of the company (Aicpa, 2017).
From the article of the Journal of Accountancy dated 26.04.2017 by Ken Tysiac, it is evident that cyber crime is going to be the emerging threat to the global business community. As business is run with multi level objectives as per the status of the stakeholders, their interests have the chance to get affected by this encroachment. It is also found that the global terrorism may have to option of getting funded through these activities, as their normal source of funding are getting squeezed by the responsible attitudes of the nations as they are proving their solidarity to fight this common war together. In this journal, Tysiac had given the array of light in the path through which the CPAs will fight with the authoritative guidance from AICPA for fixing the control with the description of such threat management (Aicpa, 2017).
Although the work has started lately, the aggressiveness of the AICPA will help the global business community to find the guideline to fight such war. The companies can have their guideline of program of control individually, which can prove to be helpful to others on collaborative attitude. AICPA has started these initiatives so that business entities do not think of their helplessness in this matter and also can have the courage and confidence to fight this war with proper systematic guideline of enforceable controls. The road is too long, but they started journey in this area will make the road shorter by finding new direction to the professionals and their clients for effective measure to be implemented. Enhanced level of awareness is needed for reporting of cyber crimes to ensure proper implementation of cyber security. AICPA has shown the way to fight this war and with their proper guidance to combat such risk. This publication can give proper feedback about the area of work of this risk management so that the business entities can be alerted with necessary steps to be taken by them with the help of CPAs to feel comfortable with this issue. It is not any individual fight, but collaborative fight which can be extended beyond the global geographical boundaries. Hence proper awareness of this threat with the way to combat this threat is to be known to the entities for better response to ensure cyber security (Tysiac, 2017).
Overview- Tentative Agenda Decision of December 2016 -related KMP party transaction disclosure
To analyze upcoming accounting standard in perspective of the comments by the stakeholders for finalization of draft or agenda or any modification for those, the standard in consideration is related to key management personnel or KMP parties, which is not consisting part of relationship of a public service provider or tax payer where it is always mandatory for materiality disclosure. It is applicable in case of normal terms and condition. This issue was not added in the Agenda of AASB for consideration earlier due to the reason that AASB had made it a point that related transactions appeared on standard practices with condition as a member of general public with KMP allied parties is not be automatically considered so far materiality of the issue in nature. It is also mentioned by the Board that the respective comments which were made in AASB 2016-6 Amendments to AAS with the extended related disclosure of parties of Not for Profit public sector enterprise as per paragraphs BC 17 and BC 18. This defines that the application of materiality may be resulted which are not expected under any abnormal situation. Subsequently a NOP public sector has the authority to judge the determination to the extent of information it requires to collect for meeting the ASB 124 objective Related Party Disclosure, due oto the reason that there is very little value in any enterprise which incurs substantial costs for obtaining data which is not considered material for disclosure. It is the observation of the Board that paragraph IG 9 and IG 11 of AASB 124 had identified relevant in case of assessing materiality to disclose party transaction related to KMP when a) the potential impact of the relationship is found in the financial statements while assessing the quantitative aspects ,and b) the transactions identified with the public service provider or tax payer of general public relationship on no different terms, those are not considered to qualitatively material for disclosure. These types of transactions are not to be considered of material impact by nature considering the transaction only (Aasb, 2016).
It is also noted by the AASB that while ensuring establishment of the significance of any transaction, there are other considerable factors with relevance as outlined in AASB 124 like:
It is also highlighted through paragraph IG 11 and examples 7 and 8 that the revenue generated and received though normal practices of collection of tax and rates and standard expenses in the form distributed grants which are standard practice normal public service provider or taxpayer relationship should not be considered as material for disclosure. But other transaction normally made on standard process with general public may also not to be considered for assessment of material impact of disclosure of other financial statement. The main fundamental of assessing the materiality of transaction is if knowledge of the said relationship and the respective terms with conditions would have the capacity to influence the understanding of user regarding the effect of the same in the financial statement. It is also agreed that if the effect of the financial statement is not proved to be material, the same transaction needs not to be disclosed.
Subsequently, AASB had a thought of sufficiency of existing guideline of AAS to comply the issue of identifying the transaction with a KMP related party which is not part of public service provider and taxpayer relationship is always possessing materiality although it is transacted on normal terms and conditions. Hence the board believes that there will be no such situation when divergent interpretations may be arisen in practice and so AASB is not intending to add this in their work program.
Accordingly, the Board thinks that existing guidance in Australian Accounting Standards is sufficient to address the issue of whether a transaction with a KMP related party, that is not part of a public services provider/taxpayer relationship, is always material even if it is on normal terms and conditions. The Board does not expect that significantly divergent interpretations would arise in practice. Consequently, the AASB [decided] not to add this issue to its work program (Aasb, 2016).
I am giving below the screenshot of this Tentative Agenda Decision of December 2016.
Letter from Institute of Public Accountants dated 17.02.2017- The Executive general manager, advocacy and Technical had expressed his disagreement in the subject of the Agenda, stating that it is urgently necessary due to the fact that there is a cloud of disbelief and skepticism found on the case of KMP related party disclosure related to public service provider- tax payer relationship. To restore the belief between the tax payer and the service provider, the assurance of transparency or prudence is required for the parties related to it. In his letter, he has significantly identified three issues related to AASB 124 related party disclosure of transactions which are:
It is also mentioned in the letter that there is found enhanced level of disbelief and skepticism with regard to activities of KMP and if those activities are taken care for the personal interest of the KMPs or the macro interest of the tax payers. It is also mentioned that this disbelief and skepticism is not only found in the public sector only but also incase of private sector, too. The person concerned written this letter is also interested to discuss the matter with AASB with prior appointment (Aasb, 2017).
Letter from Treasuries accounting and Reporting Advisory Committee dated 22.02.2017- David Nicol, the authority of the said committee had written the letter to the Chairperson of AASB in context of comments to be asked for by AASB for the said Agenda. David Nicol had expressed his satisfaction through the letter with expressing gratitude to the authority of AASB related to this issue. In the letter, main emphasis had been given on the aspect of connecting issues like fulfillment of purpose of AASB 124 related party disclosure effect of materiality on collection process, transactions conducted on normal terms and conditions and the authority of TARAC has full support to the agenda as specified by AASB related standard 124(Aasb, 2017). The screenshot of that letter is appended below:
Letter from CPA Australia dated 03.02.2017- The letter has been written by Dr. Eva Tsahuridu, Manager Accounting Policy in relation to the comments posted by CPA Australia on the subject tentative agenda decision on Materiality of KMP Related party Transactions for Public Sector Entities. In the letter the Association had shown their satisfaction on the subject so far the declaration of AASB 124 is concerned. In the letter support was extended to AASB with the statement that although support is extended, the body is thinking of some additional clarification required regarding the issues of definition of close members of the family for capturing all adult children irrespective of dependence status. The suggestion was furnished in the agenda decision to make provision for the readers with more elaborative description to understand the reasons behind the deliberation of AASB about the subject. Moreover as per the tentative agenda both income and expenses are to be considered for disclosure related to public service provider and tax payer relationship which may be considered as material for disclosure. Present paragraph of IG 11 of AASB 124 is o0nly concentrating on income received but not expenses incurred. Hence IG 11 is suggested to be amended to include expenses to be disclosed(Aasb, 2017).
Letter from Australian Council for Auditor general dated 21.02.2017- Through this letter, ACAG has expressed its support to the AASB board on the subject. They have also included suggestions related to citizen transactions and non-citizen transactions on normal terms. ACAG suggested that the decision on grants paid by any public sector entity to any identity is similar in nature like party transactions should be considered as non-citizen transactions(Aasb, 2017). Refer to contrast of paragraph BC 17; non-citizen transaction may be subject to disclosure which ACAG suggests to be treated as open process. Screenshot of the letter is given below:
It is observed that out of four letters, three had supported the issue, only one had opposed the same. So far public interest is concerned; the agenda is introduced to ensure transparency between the public service provider-tax payer relationships. The public service provider is providing their services by the money the tax payers pay. Hence the tax payers have all liberty to ask for disclosure of transactions taken place through these transactions of income received and expenses paid. The necessary suggestions are made to ensure prudence to the stakeholders so that they can satisfy themselves about the proper utilization of their money instead of skeptic attitude followed by disbelief that the money is being sued for personal interest.
References:
Aasb. (2017, February 22). Aasb 124 related party disclosure. Retrieved May 08, 2017, from Aasb: https://www.aasb.gov.au/admin/file/content106/c2/ACAG%20submission%20-%20Tentative%20Decision%20AASB%20124%20and%20Materiality_FINAL_170221_22-02-2017_104038.pdf
Aasb. (2017, February 17). AASB Tentative Agenda Decision Materiality of Key Management Personnel Related Party Transactions for Public Sector Entities. Retrieved May 08, 2017, from Aasb: https://www.aasb.gov.au/admin/file/content106/c2/Sub%20AASB%20Agenda%20KMP%20Materiality%2016022017F_17-02-2017_190926.pdf
Aasb. (2016). Accounting standards. Retrieved May 08, 2017, from Aasb: https://www.aasb.gov.au/Pronouncements/Current-standards.aspx
Aasb. (2016, December). Materiability of key management personnel related party transactions for public sector entities. Retrieved May 08, 2017, from https://www.aasb.gov.au/admin/file/content105/c9/AASB124_TAD_12-16.pdf
Aasb. (2017, February 23). Materiality of key management personnel. Retrieved May 08, 2017, from Aasb: https://www.aasb.gov.au/admin/file/content106/c2/HoTARAC%20letter%20to%20AASB%20ED%20Materiality%20KMP%20related%20party%20PS%2022feb2017_23-02-2017_173530.pdf
Aasb. (2017, February 3). Materiality of Key Management Personnel Related Party Transactions for Public Sector Entities. Retrieved May 08, 2017, from Aasb: https://www.aasb.gov.au/admin/file/content106/c2/AASB-TentativeAgendaDecisionMaterialityOfKeyMgtPersonnelRelatedPartyTransForPSE_CPAAustralia_Submission_030217_03-02-2017_161659.pdf
Aicpa. (2017, April 26). AICPA Unveils Cybersecurity Risk Management Reporting Framework. Retrieved May 08, 2017, from Aicpa: https://www.aicpa.org/Press/PressReleases/2017/Pages/AICPA-Unveils-Cybersecurity-Risk-Management-Reporting-Framework.aspx
Aicpa. (2017). Cybersecurity Resource Center. Retrieved may 08, 2017, from Aicpa: https://www.aicpa.org/interestareas/frc/assuranceadvisoryservices/pages/cyber-security-resource-center.aspx
Aicpa. (2016, September 26). Introducing a New Framework for Reporting on Cybersecurity Risk. Retrieved May 08, 2017, from Aicpa:https://aicpa.org/2016/09/introducing-a-new-framework-for-reporting-on-cybersecurity-risk-management.html#sthash.X3VaGnWA.dpbs
Aicpa. (2016, August 25). Panel Discusses Effects of Cyberattacks at Annual Conference for State Legislators . Retrieved may 08, 2017, from Aicpa: https://www.aicpa.org/Advocacy/CPAAdvocate/2016/Pages/Cyberattacks-Discussed-at-NCSL.aspx
Bailey, T., Miglio, A. D., & Richter, W. (2014, May). The rising strategic risks of cyberattacks. Retrieved may 08, 2017, from Mckinsey: https://www.mckinsey.com/business-functions/digital-mckinsey/our-insights/the-rising-strategic-risks-of-cyberattacks
Charleston, J. (2017, April 06). Three Of The Biggest Cyber Security Threats To Australian Business. Retrieved May 08, 2017, from Huffingtonpost: https://www.huffingtonpost.com.au/2017/04/05/three-of-the-biggest-cyber-security-threats-to-australian-busine_a_22027681/
Nicholson, B. (2016, February 06). Defence white paper: terror, cyber threats driving upgrade. Retrieved May 08, 2017, from Theaustralian: https://www.theaustralian.com.au/national-affairs/defence/defence-white-paper-terror-cyber-threats-driving-upgrade/news-story/2f911f8474bc9061ce4fe17aac477d72
Ong, T. (2017, March 06). Cybercrime: National integrated response needed says former US ambassador Jeff Bleich. Retrieved May 08, 2017, from Abc: https://www.abc.net.au/news/2017-03-07/jeff-bleich-cybercrime/8328026
Tysiac, K. (2017, April 26). A new cybersecurity risk management reporting framework for management and CPAs . Retrieved May 08, 2017, from Journalofaccountancy: https://www.journalofaccountancy.com/news/2017/apr/cybersecurity-risk-management-reporting-framework-201716483.html
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order formOnce we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignmentAs soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download