Data Security Remains Top Concern for CPAs, Survey Shows

BY ALEXANDRA DEFELICE
June 3, 2010

Data security will remain the most pressing concern for CPAs and their clients over the next 12 to 18 months, according to the AICPA’s 21st annual Top Technology Initiatives Survey, which was unveiled this week.

This is the eighth consecutive year the issue has made the top of the list.

This year’s top 10 technology issues include:

  1. Security of data, code and communications
  2. Connectivity / wireless access
  3. Backup solutions / disaster recovery 
  4. Secure electronic collaboration with clients
  5. Paperless workflow
  6. Laptop security (encryption)
  7. Small business software
  8. User mobility
  9. Tax software
  10. Server virtualization and consolidation

Several other items on the list also tie into security in one form or another.  For example, even as a sole practitioner, Joel Lanz, CPA/CITP/CFF, co-chairman of the Top Technology Initiatives Task Force, is using client portals to securely collaborate with his clients electronically.

 

“If I don’t use a portal, I have to send a client an encrypted e-mail,” Lanz said, adding that CPAs should advise their clients to use portals with their own customers as well as a more secure way to collaborate.

This is the first year the survey has extended beyond a firm’s internal technology issues to address technology-related questions clients are asking their CPAs, particularly in audit or risk management situations.

“Clients increasingly are asking CPAs for advice on information technology issues in the same way they ask for advice on tax issues, broadening the scope of work a CPA is asked to provide,” said task force co-chairman Ron Box, CPA/CITP/CFF.

CPAs in firms of all sizes need to come to the table armed with some knowledge of what’s concerning clients, he said.

When Lanz worked for Arthur Andersen as a technology risk consulting partner, other partners asked him for the “buzzwords” as part of a briefing to prepare for audit committee meetings, he recalled.

“If they don’t know enough to get by in that conversation, they could potentially lose that account because they can be judged to be not relevant in today’s environment,” Lanz said. “They don’t have to be technology geeks, they just have to know enough to get by.”

As a result, this year’s survey also included a list of the top questions pertaining to IT strategy, governance and risk management concerns that CPAs should keep in mind, in order of importance.

They include:

  1. Are we ensuring that our data and technology resources are protected against hacking, viruses or other compromises?
  2. Are we considering/ implementing organizational security precautions even though we haven’t had a data breach or loss?
  3. Are our current internal controls and IT governance policies and procedures effective?
  4. Are we receiving the most relevant and current information from our reporting functions (business intelligence, dashboards, etc.) or are there areas for improvement?
  5. Have we implemented a sound/appropriate privacy policies and procedures within the organization and for our customers?
  6. Are we appropriately considering the IT risks associated with the organization in initial planning of any audit or attest engagement?
  7. Are we capturing the appropriate control objectives during the initial planning of any audit or attest engagement to address the IT risks associated with the organization?
  8. Should we refresh our core and financial accounting software to leverage technology efficiencies every few years?
  9. Can our data remain safe if we utilize cloud computing/Software as a Service (SaaS) services?
  10. Can we deliver on our service and product promises to our customers if we utilize cloud computing/SaaS services?

Box and Lanz will discuss the results of the 2010 survey on the AICPA Top Technology Initiatives Webinar from 2 to 3:30 p.m. Eastern on June 23. The webinar will put the survey results in context using practical examples to provide participants with an introduction to each initiative and its implication for their clients. Register here

 

More from the JofA:

 

 Find us on Facebook      Follow us on Twitter

 

PROFESSIONAL DEVELOPMENT: EARLY CAREER

Making manager: The key to accelerating your career

Being promoted to manager is a key development in a young public accountant’s career. Here’s what CPAs need to learn to land that promotion.

PROFESSIONAL DEVELOPMENT: MIDDLE CAREER

Motivation and preparation can pave the path to CFO

CPAs in business and industry face intense competition to land a coveted CFO job. Learn how to best prepare yourself for the role.

PROFESSIONAL DEVELOPMENT: LATE CAREER

Second act: Consulting

CPAs are using experience to carve out late-career niches. Learn how to successfully make a late-career transition to consulting, from CPAs who have done it.