Skip to main content

Auditing and Controlling Cybersecurity Risks

Understanding the role of accountants and auditors in successful cybersecurity policies and strategies

Cybersecurity is crucial for organizations today. The American Institute of Certified Public Accountants calls cybersecurity “one of the top issues on the minds of management and boards in nearly every company in the world—large and small, public and private.”

As a critical component of management control systems, cybersecurity has emerged as a significant accounting and auditing issue, subject to cost-benefit analysis, control assessments and disclosure policy concerns. How can accountants and auditors do their best to control and audit cybersecurity? What are some best practices, and what else do firms need to know?

This 60-minute webinar was presented by Smith Business Insight and the CPA Ontario Centre for Corporate Reporting and Professionalism. Featuring an all-star panel of accounting and organizational experts: Yu Hou and Bertrand Malsch (Smith School of Business), Antonio Pecora (Canadian Public Accountability Board) and Steven Ding (Queen’s School of Computing).


  • The role of auditing and controls to improve cybersecurity from a business and research perspective.
  • Best practices to ensure the adoption of successful cybersecurity policies and implementation strategies.
  • Required actions to inform investors about material cybersecurity risks and incidents in a timely fashion.
  • Recommendations for external auditors to effectively assess cybersecurity risks.

This webinar was recorded on Wednesday, November 30.

About the CPA Ontario Centre for Corporate Reporting and Professionalism

The CPA Ontario Centre for Corporate Reporting and Professionalism at Smith School of Business was established in 2021 thanks to the generous financial support of CPA Ontario. The centre's goal is to promote creative and innovative ideas around corporate reporting reforms and the development of new forms of professional expertise. The centre also advocates for inclusion and recognition of the diversity of stakeholders beyond shareholders in defining good corporate reporting and professionalism.

Session Participants

Dr. Bertrand Malsch

Associate Professor & PWC/Tom O'Neill Professor of Accounting

Bertrand Malsch is an Associate Professor & PWC/Tom O'Neill Professor of Accounting at Smith School of Business and the 2020 recipient of the Award for Research Excellence. He is the author of numerous leading articles in international academic journals on the subject of auditing, accounting regulation and governance. His work has been presented in many scholarly and professional conferences around the world. He is a member of the Quebec Bar.

Antonio Pecora

Director of Information Technology Inspections, Canadian Public Accountability Board

Antonio Pecora is a director of information technology inspections at the Canadian Public Accountability Board (CPAB).  He has over 20 years of experience in the areas of IT risk and controls, controls optimization and regulatory compliance. His experience has contributed to numerous publications related to technology in the audit, auditing in the crypto-asset sector and third-party reporting.

Dr. Steven Ding

Adjunct Faculty, Queen's School of Computing

Steven Ding is an assistant professor at the School of Computing at Queen’s University where he leads the L1NNA Artificial Intelligence and Security Lab. His research bridges the domain of machine learning, data mining and cybersecurity. His current research is supported by BlackBerry, the Canadian Centre for Cyber Security under the Communications Security Establishment, and Defence Research and Development Canada under the Department of National Defence.

Dr. Yu Hou

Associate Professor & KPMG Fellow of Accounting

Yu Hou is an Associate Professor & KPMG Fellow of Accounting at Smith School of Business and the Senior Research Fellow for the CPA Centre for Corporate Reporting and Professionalism. His areas of study include disclosure and auditing, and he has published papers in top journals such as The Accounting Review and Contemporary Accounting Research. He received a CGA certificate from the Certified General Accountants Association in 2003.