CPA Firm Impact of AICPA 2002 Top Technologies - Part I
by Roman Kepczyk, InfoTech Partners North America
The AICPA has once again released its list of Top Technologies that will impact your firm in the year ahead. In this first of two articles, we have outlined the top five technologies with a focus on how these technologies can be addressed within your CPA Firm.
1. Business and Financial Reporting Applications are those tools that allow us to more efficiently create and manage digital information and electronically transfer it to those that need it. To most firms this means how do we create financial information more effectively and share it with others. Moving to the "less-paper" audit is a huge step in this direction and the enabling technology to make it happen will be the XML-based (extensible markup language) XBRL (extensible business reporting language) being built into auditing applications. We recommend you designate one audit person to keep abreast of XBRL (www.xbrl.org) happenings for the firm and to evaluate the XBRL capabilities of your workpaper and data extraction applications. As XBRL proliferates from the larger SEC clients to their affiliates, it will filter down to your clients and it is important that you understand the benefits.
At the same time, it is imperative that you streamline your procedures to ensure that your are not losing efficiency dealing by re-entering data or dealing with time spent on the "cosmetics" of making the financial statement look good. Today's audit applications allow you to produce financial statements directly from the application or digitally link the trial balance to your Excel/Word financial statements. Train your people on utilizing these links and UPDATE your firm financial statement formats so they can be easily standardized. After the first year setup, your auditors should be able to produce near-final financial statements, significantly reducing "cleanup" time on the back end.
2. Training and Technology Competency: We have found over the past few years when consulting with firms that training is consistently the number one or two issue from CPA firm personnel. Studies show that untrained workers take three to six times longer to get to the same or lower level of productivity as trained workers and consume four to six times more support resources. The most effective firms have a training coordinator on staff and a comprehensive training curriculum. We feel firms of 40 members or more should have a person dedicated to this role, at least on a part-time basis. Without this allocation of resources, the firm will have an extremely difficult time standardizing their training and capturing best practices. Below are links to a sample job description, sample training curriculum and an article that will help you improve your firms training infrastructure:
Sample Training Curriculum (Word File)
Sample Training Coordinator Job Description (Word File)
Top Training Tips Learned from Training Symposium (Article)
3. Information Security and Controls is on everyone's mind as we store more information on our networks and open them up to the Internet and dial in. Your firm must do all it can to physically and electronically protect your information assets. This begins with protecting data with daily full system data backups that are tested regularly and sent offsite daily. This also includes your remote personnel backing up data while in the field using today's USB fobs, PC-Card Storage and Zip disks, to ensure that work is not lost while in process.
For workstation control, the firm must mandate the use of passwords and change them frequently (at least every six months). We also recommend you physically lock workstations whenever unattended (either with locking cables or cabinets to minimize the risk of casual theft. Your fileserver and network equipment should also be in a locked area to minimize access.
The firm must also have procedures in place to ensure that the latest security and virus patches are implemented consistently. We recommend you work with an external network integrator to implement and validate your firewall, virus applications (so they update on at least a daily basis), and security/update patches to your network infrastructure. In today's rapidly evolving environment, it is virtually impossible for your network administrators to keep abreast of all the latest security issues and to be able to competently implement them 100% of the time. Is is also important to remind your users annually of the firm's computer usage policies and current technology risks/exposure.
4. Quality of Service in CPA Firm term is the amount of available uptime on our networks. Calculate the cost of an hour or day of downtime and your realize that QoS is significant for our firms. To get QoS, we must stabilize our networks by standardizing on a single network and workstation operating system, a single vendor for our laptops and desktop computers, and providing training on usage. We recommend you project your computer needs for the year ahead and purchase computers in as large a lot as possible, including one or two extra workstations for backup and new hires. By buying and configuring machines that are exactly the same, the firm can utilize disk imaging software such as Symantec Ghost or Power Quest, which reduce maintenance time. QoS is not cheap; with most technologically capable firms spending at least 5% of the net fees (plus IT salaries) to get it. If your firm is in a multi-office situation with a WAN and utilizing Citrix/WTS, you will need to add an additional 1%. This comes out to $6,500-$8,000 per seat for most firms
5. Disaster Recovery (includes business continuation and contingency planning) is something we must all plan for, especially in light of virus attacks of the last year and the events of September 11. All firms should have a disaster recovery plan in place to ensure that the firm can respond in the event that access to the building or network resources is not possible. Copies of the document should be distributed amongst the management team (which can be done via email to those user's home email accounts) and summary information can be printed on wallet cards to distribute to the staff so they will know the appropriate first response. Calling circles should be organized to get information out quickly and alternate processing methods need to be discussed. CPA2Biz has developed a disaster recovery information center that has many useful resources provided by members including a Checklist for CFOs. For current statistics and information, we also suggest www.drplanning.org.
Contact Roman at firstname.lastname@example.org.