Internal controls

Explaining the 3 faces of SOC

This column provides updates and adds perspective on SOC and reflects on changes in the reports and their attestation standards.

Monitoring fraud risks in the supply chain

Mark Pearson, who works in supply chain forensics for Deloitte, explains how companies can probe one of the top risks—third-party expense categories—and avoid overpaying.

Technology plays a role in board members’ top two concerns

In a business environment where a damaging Twitter post can have disastrous effects on a company’s financials, reputational risk remains the top nonfinancial concern for corporate directors, according to a new survey report. Another risk rooted in technology—cybersecurity and information technology risk—is rising quickly among directors’ concerns, according to the

How to use COSO to assess IT controls

CPAs can assess the effectiveness of their organization’s information technology controls by using Principle 11 of the newly updated internal control framework of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). See a step-by-step procedure for applying Principle 11 to IT controls.

SPONSORED REPORT

Why cybercriminals are targeting CPAs

This free report expands on the most commonly found scams, why education and specialized IT knowledge help to lessen security vulnerabilities, and why every firm should plan carefully for how it would respond to a breach.

PODCAST

How tax reform — and Excel — are changing the CPA Exam

Mike Decker, the vice president of examinations at the AICPA, discusses changes being made to the exam as a result of tax reform — and about how Excel will now be available for use on the test.