Frequently Asked Information Technology Questions

Posted by: Robert Brenis CGEIT, CISA, CRISC, PMP
Monday, June 21, 2010

CPAs are increasingly being asked to solve the information technology problems of their clients and prospective clients, according to a new survey by the American Institute of CPAs.

This year, the AICPA’s Top Technology Initiatives Survey asked AICPA members to rank a list of questions heard most often from audit committees, chief financial officers and chief information officers. With a renewed focus on IT-related issues, the survey makes it clear that CPAs need to understand information technology in order to collaborate effectively with clients.

Here are the top 10 most frequently asked questions accountants are hearing, how well do they line up with your concerns?

  1. Are we ensuring that our data and technology resources are protected against hacking, viruses or other compromises? This includes from outside the company as well as someone within the company.
  2. Are we considering or implementing organizational security precautions even though we haven’t had a data breach or loss? Why wait for a disaster to put in the prevention precautions – we should all be learning from the BP Gulf of Mexico crisis.
  3. Are our current internal controls and IT governance policies and procedures effective? Just having policies and procedures in place isn’t enough.  Are they updated regularly and do they meet the changes that the business has put in place?
  4. Are we receiving the most relevant and current information from our reporting functions (business intelligence, dashboards, etc.) or are there areas for improvement?  Companies rely on their systems to help run the business – are these systems being utilized to their fullest potential?
  5. Have we implemented sound, appropriate privacy policies and procedures in place within the organization and for our customers?  You just have to go to http://www.privacyrights.org/ar/ChronDataBreaches.htm to see a list of privacy breaches and you will get a sense of how important this is.
  6. Are we appropriately considering the IT risks associated with the organization in the initial planning of any audit or attest engagement?  The AICPA is focusing on this more and, for certain types of Attestation engagements, it is even necessary to do a Risk assessment.  When was the last time the organization did a risk assessment?  Have we done anything with the risks identified in the first assessment?
  7. Are we capturing the appropriate control objectives during the initial planning of any audit or attest engagement to address the IT risks associated with the organization? 
  8. Should we refresh our core and financial accounting software to leverage technology efficiencies every few years?   Are we getting the most out of our current ERP system?
  9. Can our data remain safe if we utilize cloud computing or Software-as-a-Service?   More and more companies are looking at this – not only the question about data security but also the total cost of ownership is a big question.
  10. . Can we deliver on our service and product promises to our customers if we utilize cloud computing services?
If you have questions on these frequently asked questions, or on other information technology issues, post a comment below or contact our Technology Services Group at 440-449-6800.

Comments for Frequently Asked Information Technology Questions

Leave a comment





Captcha