Six Steps to Battle Cybersecurity Risks
What cost or time investment would you pay to protect your firm and your clients?
By Donny Shimamoto for Cybersecurity for Accountants
RISK MANAGEMENT
Is Audit in Crisis Because of Definitions?
Auditors, accountants and businesses need to agree on expectations and deliverables in audits.
By Alan Anderson
Transforming Audit for the Future
Instant download:
“The New Manifesto for Accountants.“
Do the banks and investors get useful information from historical audited financials? In their book, “The End of Accounting and the Path Forward for Investors and Managers,” Baruch Lev and Feng Gu researched the relationship between changes in stock prices and the dates that corporate financial reports were released.
MORE: Three Fundamental Questions to Ask in Audit | How Auditors Can Beat AI | The Big Issues in Audit: Frustration, Inconsistency and Technology | Five Ways to Increase Audit Efficiency | Early Adopters Gain an Edge in Audit | Talent Retention: Five Tips for an Audit Adjustment | Six Benefits of an Internal Audit | The Ten Financial Controls That’ll Make You a Hero | Five Cash Reports You Can’t Live Without | When an Audit Is a Great Thing
Exclusively for PRO Members. Log in here or upgrade to PRO today.
In the 1950s and 1960s, roughly 90 percent of the market value of public companies could be directly attributed to the earnings and book value reported in their financials. By 2013, that percentage had dropped to just 50 percent. Personally, I’m surprised it’s even that high. The historical financial statement does not serve the needs of the users of those statements.
READ MORE →
Why Business Email is Doomed
Malware, ransomware, phishing and other hacker tools will make email obsolete.
By Frank Stitely
The Relentless CPA
Last year, the CEO of Slack predicted the demise of business email in five years. I think he’s wrong. I think business email maybe has another two years. There are two obvious reasons why email has a foot in the technological grave.
MORE: Control Your Time: Avoid Ambush Meetings and Phone Calls | Get Clients to Bring Tax Docs Early…Yes, EARLY | You Train Your Clients, Whether You Mean To or Not | Train Your Clients Before They Train You | Why Time Tracking Still Matters | Business Owners Face One of Three Exits | Don’t Let Clients Dictate Tax Workflow | Make Fewer Mistakes, Increase Revenue and Capacity | How Small Firms Can Win the Talent Wars | Easy Ways to Avoid ‘Done But’ Tax Returns | Six Ways to Create a Millennial-Friendly Firm | Do You Know Your Turnaround Time?
First, spam killed the efficiency of email. How much time do you spend each day deleting spam? You can train your spam blocker, but professional spammers get through using variable email addresses and agreements with internet routing companies.
READ MORE →
The 7 Categories of Cybersecurity Solutions Firms Need
How important are WISP and employee awareness? Just ask the IRS or the FTC.
By Donny Shimamoto, CPA, CITP, CGMA
On Cybersecurity for Accountants
Center for Accounting Transformation
Historically, finding cybersecurity solutions “right-sized” for the small and mid-sized business space was difficult. Most of the technologies were expensive and difficult to implement, and their price points weren’t reasonable for organizations with under 25 people. It’s only been within the last five years that we’ve seen solutions mature and evolve enough to be delivered via the cloud at a price point that makes sense for smaller organizations.
MORE: How Hacker-Proof is Your Firm? | Donny Shimamoto: Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
To check if your policy addresses all of the requirements, take our Cybersecurity Compliance Self-Assessment for Tax Practitioners at: improvetheworld.net/CyberSelfAssessForTaxBook
With the COVID-19 pandemic and the adoption of remote work increased cybersecurity threats, the cybersecurity industry has stepped up and made solutions much more affordable and easier to implement. These solutions still require some technical knowledge to install, but there is much less maintenance, and they now make economic sense even for sole practitioners. READ MORE →
Are You Ready to Become a Data Analyst?
The right dashboards can optimize your data … and your value.
By Bonnie Buol Ruszczyk
Business leaders are constantly called upon to make snap – yet important – decisions. Yet, poring through spreadsheets, reports and financial statements can be a laborious and time-consuming process, especially for those who need to act on urgent matters.
MORE: SURVEY: Zoom, Teams Top Meeting Choices | Are You Using Too Many Monitors? Or Not Enough? | One in Four Firms Replaces Servers by Schedule | You’re Probably Not Reading This on an iPad | 52% of Firms Look Outside for IT Support | Pandemic? What Pandemic? | Today’s Top 3 Problems: Staffing, Workflow and Tech
This is where data visualization tools can be a tremendous boon to organizations. Automatically pulling from various data sources, these cloud-based, interactive dashboards present business data visually using charts, graphs and other widgets. Once designed, these repositories save precious time for analysts, managers and key decision-makers, allowing them to focus on the information and analysis rather than on the grueling process of gathering it and creating reports.
IRS and FTC Cybersecurity Expectations of Tax Practitioners
Your tools for a cybersecurity compliance check-up.
By Donny Shimamoto
Cybersecurity for Accountants
In August 2019, the IRS published its list of “Security Six” steps to protect taxpayer information.[i] These described the six “basic protections” that it expects tax prepares to utilize.
MORE: How Hacker-Proof Is Your Firm? | Unleashing the Power of Technology: Transforming Accountants into Trusted Advisors | Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
These include:
Cybersecurity Exemptions for Orgs with Less than 5,000 Clients
You may be off the hook, but not out of the woods.
By Donny Shimamoto
Management consulting company AON described an exemption for some of the FTC requirements for firms that handle the personal identifiable information (PII) of less than 5,000 consumers.[i]
The Safeguards Rule provides an exception from certain requirements if the covered financial institution maintains customer information concerning fewer than 5,000 consumers. A consumer is defined in Section 314.2(b)(1) of the Safeguards Rule as “an individual who obtains or has obtained a financial product or service from the financial institution that is used primarily for personal, family, or household purposes, or that individual’s legal representative.”
MORE: How Hacker-Proof Is Your Firm? | Unleashing the Power of Technology: Transforming Accountants into Trusted Advisors | Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
Essentially if you handle less than 5,000 social security numbers, then it would appear that you can take advantage of this exemption. AON went on to report that if you fall under this exemption, then you do not need to address the following requirements:
Safe Harbor Compliance Reduces Risk of Fines and Penalties
Protect your clients–and your firm–by being proactive.
By Donny Shimamoto, CPA, CITP, CGMA
In the last few years, we’re starting to see state legislatures and attorney generals recognizing that tax practitioners are trying to protect their clients. They are formalizing this recognition with changes to regulations or laws to include “safe harbor” provisions that limit or eliminate the fines and penalties for tax practitioners who take proactive action to manage their cybersecurity risks.
MORE: How Hacker-Proof Is Your Firm? | Unleashing the Power of Technology: Transforming Accountants into Trusted Advisors | Future Firm Growth Requires a Mindshift | AI, OCR, NLP & CPAs: Oh My! | Accounting Nerds, Unlock Your Super Powers | Early Adopters Gain an Edge in Audit | Dustin Wheeler: For Serious CAS Success, Hire Tech Teams | CSR for CPAs: The Missing Ingredient | Donny Shimamoto Explains How ‘Agile’ Applies to CPA Firms | Staff Retention for Remote Workers | Why the Future is in Risk Advisory | Ready for Non-CPA “CPA” Firms?
As of December 2022, the following states have some type of safe harbor provision in place:
In contrast, states like California and Colorado are taking the opposite approach and penalizing organizations that have data breaches.[iv]