Cyber Risk Management and Accounting Profession Cover Image

Управлението на киберриска и счетоводната професия
Cyber Risk Management and Accounting Profession

Author(s): Michael Musov
Subject(s): Economy, Accounting - Business Administration
Published by: Университет за национално и световно стопанство (УНСС)
Keywords: cyber risk; cybersecurity; accounting profession; accounting higher education

Summary/Abstract: In today’s world of information technologies (IT) and digital connectivity cyber risk is considered inevitable for all organizations. Hence, understanding cyber risk and managing it effectively is crucial for all. This paper includes a literature review with the aim to suggest a model for cyber risk management as well as to justify the role of accountants in this model. This review leads to the conclusion that cyber risk is a unity of three elements (threat, IT vulnerability and negative impact) and suggests the following six integrated stages of its management: (1) identification, prioritization, and assessment; (2) control system design; (3) monitoring; (4) incident management; (5) reporting and assurance; (6) informal management. The incremental contribution of the proposed model with respect to the existing frameworks is in the following two differences: first, it is more integrative than the alternatives, and second, it quantifies cyber risk more relevantly and reliably than the alternatives. To apply the suggested model cybersecurity professionals should have some technical knowledge, but the core attributes relate to their personal capabilities. Due to their specific expertise and competencies, accountants can have a key role in risk management. To benefit cybersecurity risk management, however, accounting needs to reform its higher education model.

  • Issue Year: 4/2020
  • Issue No: 4
  • Page Range: 159-191
  • Page Count: 33
  • Language: Bulgarian