NASBA Field of Study
Cybersecurity risks to businesses and firms
Different cybersecurity controls frameworks (i.e., NIST, ISO, TSC, etc.)
Elements of a cybersecurity risk management
Internal controls and other risk management activities
Client recommendations in a readiness assessment
Apply knowledge of an effective cybersecurity risk management program to analyze a client’s program and conduct a readiness assessment.
Differentiate the various frameworks available (e.g., NIST, ISO, TSC, and/or hybrid) and apply which is better as well as when/how to use it.
Apply tests to client’s cybersecurity controls and other risk management activities based on existing frameworks.
Identify client recommendations for improvements based on readiness/ assessment Â procedures.
Understand the client service opportunities and risks in providing advisory services in the cybersecurity space.
Accounting and finance professionals who actively participate in their organization’s risk management, budgeting, or strategy-setting activities.