{"id":218747,"date":"2026-05-12T17:43:00","date_gmt":"2026-05-12T21:43:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/12\/cybersecurity-disclosures-and-the-role-of-the-internal-audit-pwc\/"},"modified":"2026-05-22T12:45:55","modified_gmt":"2026-05-22T16:45:55","slug":"cybersecurity-disclosures-and-the-role-of-the-internal-audit-pwc","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/12\/cybersecurity-disclosures-and-the-role-of-the-internal-audit-pwc\/","title":{"rendered":"Cybersecurity disclosures and the role of the Internal Audit: PwC"},"content":{"rendered":"<p><a href=\"https:\/\/www.pwc.com\/us\/en\/services\/consulting\/cybersecurity-data-tech-risk\/library\/sec-final-cybersecurity-disclosure-rules\/cybersecurity-and-internal-audit.html\">Cybersecurity disclosures and the role of the Internal Audit: PwC<\/a><\/p>\n<p><a href=\"https:\/\/www.pwc.com\/us\/en\/services\/consulting\/cybersecurity-data-tech-risk\/library\/sec-final-cybersecurity-disclosure-rules\/cybersecurity-and-internal-audit.html\">https:\/\/www.pwc.com\/us\/en\/services\/consulting\/cybersecurity-data-tech-risk\/library\/sec-final-cybersecurity-disclosure-rules\/cybersecurity-and-internal-audit.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-12 17:43:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.pwc.com\">www.pwc.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.<br \/>\n        Cyber risk has historically ranked high and has been an area of concern in internal audit risk assessments over the past decade. As such, it\u2019s likely that your audit plan has evaluated some of these areas with a close nexus to the new reporting requirements. Given the short ramp-up time, though, an independent and holistic evaluation may be necessary to assess readiness both from a first- and second-line perspective. Here are a few topics\u00a0worth considering:<\/p>\n<p>Cyber governance:\u00a0Disclosure management, board reporting and oversight.<br \/>\nCyber risk management:\u00a0Cyber risk assessment and scenario threat modeling; Key Risk Indicators (KRIs); cyber risk and control frameworks anchored to authoritative sources such as NIST CSF, NIST 800-53 and other sources; NIST CSF cyber program capability maturity assessment.<br \/>\nCyber incident reporting:\u00a0Process and\u00a0controls and maturity assessments in the key areas of incident response management, security operations center (SOC), security incident information and event management (SIEM), technical and executive tabletops.<\/p>\n<p>The new cyber disclosure rule requires even greater communication and connections among\u00a0IT and security, finance, general counsel and ERM teams. Internal audit should coordinate with the cross-functional team as it does the assessments.<br \/>\nCoordination with SOX teams can also yield collaborative results. With the evolution of cyber risks, areas of common cyber exposure relative to financial reporting have caused auditors to scrutinize the potential impact of cyber risks on the financial statements more closely. Examples of such areas of common exposure include patch management, intrusion detection, backup and restoration of data, vendor management and wire processing.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity disclosures and the role of the Internal Audit: PwC https:\/\/www.pwc.com\/us\/en\/services\/consulting\/cybersecurity-data-tech-risk\/library\/sec-final-cybersecurity-disclosure-rules\/cybersecurity-and-internal-audit.html Publish Date: 2026-05-12 17:43:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":218748,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.pwc.com\/us\/en\/services\/consulting\/cybersecurity-risk-regulatory\/assets\/cybersecurity-and-internal-audit-properties.jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24],"class_list":["post-218747","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/218747"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=218747"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/218747\/revisions"}],"predecessor-version":[{"id":218749,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/218747\/revisions\/218749"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/218748"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=218747"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=218747"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=218747"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}