The American Institute of CPAs (AICPA), has released a risk management reporting framework that is intended to “establish a common, underlying language for Cybersecurity risk management reporting—almost akin to US GAAP or IFRS for financial reporting.”

According to AICPA, the framework may be used by both management and CPAs to “enhance cybersecurity risk management reporting