Understanding the Importance of the CIS Controls

Attacks are only increasing, and companies need greater efficacy in how they protect themselves. As a point of comparison for information security, consider how the financial industry has created, and relies on, a body of standards to address issues in financial accounting.

To support this argument, we draw a defined contrast between information security and the Generally Accepted Accounting Principles.

We’ll explore this relationship in more detail below. First, we’ll provide an overview of GAAP.

What Are Generally Accepted Accounting Principles?

According to Investopedia, the Generally Accepted Accounting Principles (GAAP) are a set of accounting principles, standards and procedures issued by the Financial Accounting Standards Board (FASB). They provide commonly accepted ways of recording and reporting accounting information. They also seek to standardize and regulate the definitions, assumptions and methods used in accounting across all industries.

Public companies in the United States must follow GAAP when their accountants compile their financial statements.

These 10 general concepts can help you remember the main mission of GAAP:

  1. Principle of Regularity: The accountant has adhered to GAAP rules and regulations as a standard.
  2. Principle of Consistency: Accountants commit to applying the same standards throughout the reporting process from one period to the next in order to ensure financial comparability between periods. Accountants are expected to fully disclose and explain the reasons behind any changed or updated standards in the footnotes to the financial statements.
  3. Principle of Sincerity: The accountant strives to provide an accurate and impartial depiction of a company’s financial situation.
  4. Principle of Permanence of Methods: The procedures used in financial reporting should be consistent to allow for a comparison of the company’s financial information.
  5. Principle of Non-Compensation: Both negatives and positives should be reported with full transparency and without the expectation of debt compensation.
  6. Principle of Prudence: This emphasizes fact-based financial data representation that is not clouded by speculation.
  7. Principle…