Certified Public Accountants are increasingly being asked to solve information technology problems for clients and prospective clients, according to the 2010 Top Technology Initiatives Survey by the American Institute of Certified Public Accountants (AICPA).
“The tide has really turned this year with the economy and increasing regulations,” said Joel Lanz, CPA/CITP, CFF.“Clients are coming to CPAs asking them, ‘How do we handle technology risk?’ They expect CPAs to know enough to be able to discuss and manage the issues.”
Lanz and Ron Box, CPA/CITP, CFF, are co-chairmen of the AICPA’sTop Technology Initiatives task force.
“As small and medium-size companies increasingly place IT under their chief financial officers, it’s becoming much more of a broad scope of responsibility,” said Box. “With this survey we are preparing CPAs for the kinds of IT questions they will most likely confront by giving them resources with answers and tools to address client concerns.”
This year’s AICPA Top Technology Initiatives Survey is the first to ask AICPA members to rank questions heard most often from audit committees, chief financial officers, and chief information officers. With a renewed focus on IT-related issues, the survey makes clear that CPAs need to be literate about information technology in order to collaborate effectively with clients and their IT partners.
Top 10 most frequently asked questions:
- Are we ensuring that our data and technology resources are protected against hacking, viruses, or other compromises?
- Are we considering or implementing organizational security precautions even though we haven’t had a data breach or loss?
- Are our current internal controls and IT governance policies and procedures effective?
- Are we receiving the most relevant and current information from our reporting functions (business intelligence, dashboards, etc.) or are there areas for improvement?
- Have we implemented sound, appropriate privacy policies and procedures within the organization and for our customers?
- Are we appropriately considering the IT risks associated with the organization in an initial planning of any audit or attest engagement?
- Are we capturing the appropriate control objectives during the initial planning of any audit or attest engagement to address the IT risks associated with the organization?
- Should we refresh our core and financial accounting software to leverage technology efficiencies every few years?
- Can our data remain safe if we utilize cloud computing services or Software as a Service (SaaS)?
- Can we deliver on our service and product promises to our customers if we utilize cloud computing services?
Cloud computing/Software as a Service (SaaS) appeared in two questions, reflecting both the growing interest in Web-based technology solutions for business and concerns about the new risks that they may introduce. CPAs are providing vendor due diligence for their clients to ensure appropriate controls are in place in SaaS applications and confidential customer information is being protected.
CPAs believe data security will continue to be the most pressing concern for their clients and employers over the year, according to the Top Technology Initiatives Survey, which forecasts key IT issues in the year ahead. Full survey results are available at www.aicpa.org/TopTech.
AICPA Webinar – June 23
Box and Lanz will discuss the results of the 2010 AICPA Top Technology Initiatives survey in a Webinar, 2:00 to 3:30 p.m. Eastern, June 23. The Webinar will provide participants with practical examples of IT challenges and discussion of implications for clients with solutions. Register here.
The AICPA offers a specialty credential to CPAs who have demonstrated experience and expertise in technology, Certified Information Technology Professional (CITP).
The Top Technology Initiatives survey was conducted electronically among AICPA members between April 22 and May 12. A preselected group of respondents was invited to participate via e-mail. CPAs belonging to the AICPA IT member section provided 197 interviews; 1,531 members were invited, and a response rate of 13 percent was obtained. An additional 170 interviews were obtained from a random sample of members outside the IT section. The survey results are accurate within plus-or-minus 5 percentage points with a 95 percent level of confidence.