
Cyber Risks and Privacy Strategies for Australian Practitioners

Are you and your clients armed against cyber-attack and ready for the Privacy Act changes? This webinar series will provide you with key information and start you on an action plan to combat potential cyber security and data breaches.

Content Description

These sessions provide key insights and action plans on cyber risk and data breaches, including the impact of the 28 February 2018 Australian privacy legislation. Learn the impact on managing your trust accounts, improve your external audit management letter points, assess internal controls and hear the latest developments to include in your Board commentary. The topics covered in the webinars are:

Session 1: Reporting data breaches and obligations for accounting practices

  • Why this affects CAANZ members.
  • The basic concepts of data breaches and privacy.
  • What is this new regulatory environment in Australian Privacy law and regulation?
  • EU General Data Protection Regulation (GDPR).
  • Who reports what breach to whom?
  • You’ve been hacked! How you must inform your clients and possibly their customers, employees & suppliers.
  • What might the costs be to your organisation?

Session 2: Trust accounts meet Cyber Risk

  • Reduce your exposure:
    • Terminated employees – checked out but never left?
    • Why two factor authentication matters
    • Are you a phish or a whale?
    • What’s expected in contemporary & robust password management?
    • Does the location of the cloud host really matter?
  • You’ve been hacked! By law, you may now need to inform your client

Session 3: Advise your clients on Cyber Risk

  • The Insider Threat
  • Discuss the most common sources of exposure
  • What can be done about these?
  • Generating quality Management Letter Points, while addressing cyber security.
  • Your roles as a trusted advisor and 5 key messages when advising your clients.

  • Learning Outcomes

    Upon satisfactory completion of this webinar you will be able to:

      Session 1: Reporting data breaches and obligations for accounting practices

      • Describe the key obligations arising from the Australian Privacy Amendment (Notifiable Data Breaches) Act 2017
      • Outline the key actions required to notify the regulator of a data breach by your organisation

      Session 2: Trust accounts meet Cyber Risk

      • Describe the impact of digitisation on the control framework over Trust Accounts.
      • Identify the key controls typically used to reduce the risk of inappropriate access to online Trust records and the associated funds.

      Session 3: Advise your clients on Cyber Risk

      • Identify the most common internal controls used to reduce most cyber risk.
      • Draft four recommendations to be made in client management letters.
      • Describe the impact to your clients in a business-oriented manner.


      Arm your practice and yourself against cyber-attack and be prepared for breach reporting. This three-part webinar series will provide you with practical insights into the risks arising from cyber security, from a highly experienced specialist.

    Mark Sercombe has advised clients on information security, IT risk and IT audit for over twenty-five years and is a Platinum Member of ISACA as well as an FCA. He was a partner with Deloitte for 17 years. Since 2015, he has led a specialist practice, Technology Risk, assisting local and global organisations to manage the challenges of cyber security. He is regularly requested to address professional gatherings convened by the Institute of Internal Auditors and CPA Australia.


    Topic: Audit & Assurance, Business Mindset, Corporate Finance, Ethics & Integrity

    Sub-Topic: Auditor Liability, Governance, Information & Communication Technology, Risk Management

    Format: Recorded Webinar

    Proficiency Level: Foundation, Intermediate

    CPD: 3 hours