Skip to Content
Press Enter

Cybersecurity Topical Requirement

Issued: February 5, 2025 | Effective: February 5, 2026

The Cybersecurity Topical Requirement provides a consistent, comprehensive approach to assessing the design and implementation of cybersecurity governance, risk management, and control processes. The requirements represent a minimum baseline for assessing cybersecurity in an organization. Download the companion user guide for assistance in applying the Topical Requirement.

About Topical Requirements

Topical Requirements

Learn how IIA Topical Requirements for internal auditing enhance the consistency and quality of internal audit services.

Public Comment Period

We need your input! The IIA is developing Topical Requirements as a new element of the International Professional Practices Framework (IPPF), which also includes the Global Internal Audit Standards™ and Global Guidance.

Learn about IIA programs and partners.

We are continually searching for innovative products and services to enhance our members' ability to meet their rising stakeholder demands.