Cybersecurity has become an important issue for every organisation in today’s digitally connected world. Awareness and understanding of the risks and appropriate responses is critical for everyone from the board of directors to the entry-level employees. This need extends to vendors, suppliers and related organizations, as well.

This tool will provide the basis of that understanding, along with important considerations for insuring that risk, for improving security, and for formulating a description of the entity’s cybersecurity risk management program that can be used as criteria for an assurance examination.