Cyber risk is prevalent in almost every business today. Any business which has a web page, keeps information online, or uses the cloud is at risk for a cyber breach. It’s very interesting to me that these risks are so significant and widespread, but are rarely considered in an audit or internal audit engagement. The AICPA is working on a much awaited framework for evaluating and reporting cyber risks. In the meantime, auditors should begin to familiarize themselves with ways to identify and mitigate cyber risks.