Cybersecurity Risk Assessments

Build the skills needed to assess cybersecurity risks that can affect operations, financial reporting, fraud exposure, and business continuity. This course explains how to identify critical assets, evaluate threats and vulnerabilities, test controls, and prioritize responses based on business impact. It also connects governance, legal duties, incident response, and monitoring to a disciplined assessment process. Accounting professionals can use these tools to improve risk oversight and support better decisions in a digital environment.

Format

PDF Course

Course Lists

Duration

8 Hours

Course Information

Author: Steven Bragg

Course number: IT0003

Learning Objectives

Recognize why cybersecurity risk assessments must be connected to business strategy.
Recall the indicators of a material cyber issue.
Recognize the value of mapping business processes during an assessment.
Specify the reasons for documenting assessment scope issues.
Recall why data classification is needed in an assessment.
Recognize the risks associated with asset inventory practices.
Recall why configuration records are needed in an assessment.
Recognize why cloud data concentration can be a risk for an organization.
Specify the uses of threat intelligence in a risk assessment.
Recall why social engineering is a risk.
Recognize the conditions that can increase ransomware exposure.
Recall the nature of a cascading cyber risk.
Recognize the nature of a single-point failure.
Specify the issues associated with an impact analysis.
Recall the problems with quantitative risk methods.
Recognize why existing controls should be evaluated in an assessment.
Recall why control operation is as important as control design.
Recognize the different types of access practices, and when to use them.
Specify the risks associated with deprovisioning.
Recall the issues with the use of shared credentials.
Recognize the risks associated with remote access.
Recall the issues associated with data retention.
Recognize why backup protection must be included in an assessment.
Specify the issues related to network architecture risk.
Recall how hardening can be accomplished.
Recognize the risks associated with legacy systems.
Recall the risks related to application programming interfaces.
Recognize the issues related to the use of SaaS applications.
Specify the concerns with fourth-party dependencies.
Recall why vendor concentration should be reviewed as part of an assessment.
Recognize the issues that can increase the level of human-factor cyber risk.
Recall the benefits of using well-defined incident reporting channels.

Level: Overview

Instructional Method: QAS Self-Study

NASBA Category: Information Technology

Prerequisites: None

Advance Preparation: None

Latest Review Date: May 2026

Program Registration Requirements: Click on the Enroll button to pay for and access the course. You will then be able to download the course as a PDF file, then take an on-line examination, and then download a certificate of completion if you pass the examination.

Program Refund Policy: For more information regarding administrative policies concerning complaints, refunds, and other matters, see our policies page.

AccountingTools, Inc. is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have the final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.

The NASBA sponsor identification number for Accountingtools, Inc. is 115881.

AccountingTools is an IRS Approved Continuing Education Provider. We are compliant with the requirements for continuing education providers (as described in sections 10.6 and 10.9 of the Department of Treasury’s Circular No. 230 and in other IRS guidance, forms, and instructions). Our IRS Approved Continuing Education Provider number is 72821.