CPA Practice Advisor

JUL 2018

Today's Technology for Tomorrow's Firm.

Issue link:

Contents of this Issue


Page 29 of 31

30 JULY 2018 ■ THE FIRM MANAGEMENT CHANNEL Every CPA Firm Needs to be a Security Company By Matt Wilgus, CPA, CISSP, CISA In 2018, the year of artificial intelligence, internet of things, blockchain, and big data, it is safe to say more and more companies are emerging to be technology companies. In the last year, a lot of attention has been placed on how automotive companies such as Ford and General Motors are positioning themselves as technology companies. Large conglomerates such as GE are marketing themselves as “the digital company that’s also an industrial company” and are using young programmers as the center of a large advertising campaign. However, it isn’t just industrial and manufacturing companies that are pivoting, large financial institutions are now developing and often acquiring Fintech providers. Santander created Santander InnoVentures with a stated aim of, “to support the digital revolution to make sure Santander customers around the world benefit from the latest know-how and innovations across the Banking Group’s geographies.” Verticals such as healthcare, education, media and many others now must address technological changes more than ever and position their investments in technology as differentiators. Technology and CPA Firms CPA firms are also once again changing. For many, the first customer facing technology may have been offering self-service options to extend back office functionality. Electronic invoicing and collections are two early examples that date back to the 1990s or earlier. As time moved on, other parts of the business, particularly those related to engagement delivery, also began to leverage technology. In the 2000s, firms began using file sharing services and central repositories such as Microsoft SharePoint to exchange data with clients. Most firms purchased commercial-off-the-shelf (COTS) products as they did not have many, if any, developers on staff. Today, firms have a plethora of on-premise and cloud-based offerings available and if none of them meet requirements, the potential to develop something in-house is readily available. These new solutions also require firms to think about security more than ever before. Large Firms and the Cobbler’s Children Many CPA firms, particularly larger firms, offer technology related advisory and consulting services, including developing software for their clients. However, they also need to innovate and leverage technology to improve the quality of their own offerings, be it tax, audit or advisory. These firms often have staff with the knowledge to adequately secure their own environment; however, they rarely work with internal initiatives. The problem is the work performed for the firm’s external clients are revenue generating, while securing internal systems yields no revenue, or is seen as taking away revenue due to the opportunity cost. Smaller Firms and Knowledge Gap All firms regardless of size need to leverage technology for competitive advantages. However, unlike large firms, smaller firms likely do not have the expertise to adequately secure their newly procured or developed systems. While organizations such as the AICPA have cybersecurity content available, and frameworks such as ISO 27001 exist, smaller firms may not have the time, means, and occasionally, desire, to implement security best practices. ■ Matt Wilgus is a Practice Director at Schellman & Company, Inc., where he leads the Threat and Vulnerability Assessment offerings. In this role he heads the delivery of Schellman’s penetration testing services related to FedRAMP and PCI assessments, as well as other regulatory and compliance programs. See the Security Checklist at LATEST FIRM MANAGEMENT NEWS How to Win the Digital Transformation Race. Digital leaders employ a holistic, adaptive approach to meet evolving customer, marketplace and regulatory needs. It's Time to Consider Client Portals. Though secure digital alternatives are available, many organizations still rely on the exchange of paper documents, faxing, or email attachments to exchange these sensitive documents. Russian Hackers Targeting U.S. Accounting Firms. With most firms using relatively similar software and service providers, a flaw found in one system can be easily replicated in countless others. California CPA Society Gets New Chair. Sharpstone previously served as CalCPA's first vice chair. He is an assurance partner with BDO United States' Los Angeles office. Launches Accountant Resource Center. The resource center provides actionable training, templates, and advice in key areas including internal and external product training, sales and marketing, and client onboarding. THIS MONTH'S TOP FIRM MANAGEMENT SOCIAL MEDIA POSTS ■ Can Your Receptionist be a Profit Center? Firm of the Future. ■ 3 Steps to ID and Fix Bottlenecks in Firm Workflow. Thomson Reuters Blog. ■ What a Great Succession Plan Looks Like. Rosenberg Blog. ■ Benchmarking Your Firm Against Others. Karbon Blog. ■ 3 Tips to Help Clients Through Hurricane Season. AICPA Insights.

Articles in this issue

Links on this page

Archives of this issue

view archives of CPA Practice Advisor - JUL 2018