Divider
Divider


Janis Parthun
 

48% of Data Breaches Involve Insiders

How IT skills can help CPAs better manage risk.

January 31, 2011
by Janis Parthun, CPA.CITP

TechBytes

In my last column, I revealed how CPAs have a significant advantage over their peers when armed with added IT skills. In this column, I show how CPAs can leverage their IT skills in managing risk and improving financial and operational measures in their firms.

Improve Financial and Operational Measures

A recent University of Texas and Sybase joint study found that small improvements in quality, usability, intelligence, remote accessibility, and sales mobility have a positive effect on a corporation’s key financial measures, such as the productivity of employees and operational efficiency, such as planning and forecasting accuracy.

Rob Fisher, CPA.CITP, AVP of Accounting Operations & Financial Systems at Kansas City Life Insurance Company, adds value to his company by using his IT expertise. “I have been able to improve all core finance processes, including financial close & consolidation, accounts receivable, investment portfolio reporting, treasury operations and compensation and benefits,” he said. Because of this, he has been able to reduce cost, improve controls and more importantly allow his team more time on in-depth analysis, which is greatly enhanced by the availability and quality of the data within the newly implemented systems.

Leveraging IT Skills to Manage Risk

A 2010 Verizon study conducted along with the U.S. Secret Service, revealed that two out of five (40%) of data breaches are directly conducted through IT systems via malware, hacking or both.  What's more, the study also found that nearly half (48%) of data breaches studied involve insiders within an organization and misuse of privileges.

“My knowledge and experience allows me to extract more useful data from our IT systems, helps me align our IT development with long-range business plans, gives me greater insight into risk management and fraud detection issues and provides support in my effort to effectively align IT resources to current business needs,” pointed out Ron Box, CPA.CITP, chief financial officer and chief information officer for Joe Money Machinery Co. Understanding information technology issues has had a very positive impact on his ability to function at a higher level in his firm.

Opportunities for Exposure to IT

CPAs in Business & Industry and Public Accounting tend to have some responsibility associated with financial data. If you are in either of these industries, you can help improve your firm’s existing business process or task through automation or working on a special project with added IT expertise.

Pathways Available to Specialize in IT

Besides considering “software/ technology knowledge” as one of the top additional qualifications for hiring, 11 percent of the CFOs surveyed in a recent Robert Half survey also selected “certification or advanced degree” as an additional qualification for hiring a candidate.

CPAs who want to add that qualification can acquire membership through AICPA’s Information Technology Interest Area, which offers both membership and credentialing. The IT Section Membership provides resources to CPAs who want to research, monitor, assess, educate and communicate the impact of technology and its affect on the management of financial information. The Certified Information Technology Credential (CITP) recognizes CPAs for their unique ability to provide business insight by leveraging knowledge of information relationships and supporting technologies.

“CITP credential holders are specifically identified in all new client proposals from audit to litigation support. We make it known that we have individuals with the appropriate industry certifications to take on the new engagement,” said Jim Bourke, CPA.CITP,  partner at WithumSmith & Brown, who considers the CITP credential a major differentiator. “Plus, they are the ‘go-to’ person for the engagement team when it comes to any issues involving IT and/or underlying data on engagements,” he added.

Conclusion

Before embarking on a CITP venture, ask yourself the following questions to ensure IT expertise can not only improve your firm’s bottom line, but also promote you to a higher level:

  • Improve an existing business process or task:

    • Do you current manage a reporting, analysis or reconciliation process that can be improved through automation/technology?

    • Can you leverage advanced Excel formulas, Access, data analysis tools or report writer tools to improve a current process?
  • IT or systems related projects within your company:

    • Are there special projects that you can volunteer for, such as an ERP upgrade or user acceptance testing (UAT)?

    • Is your supervisor, manager, or a mentor aware of any special projects?
  • Training and education:

    • Are you signing up for training or course education related to IT?

    • Do you join any associations or membership that offers that IT related education?
  • Certifications or advanced degrees:

    • Are there any certifications that you are interested in that may relate to IT and can work towards, either through studies, experience or both?

    • Are you interested in pursuing a graduate degree related to information management or IT?
Rate this article 5 (excellent) to 1 (poor). Send your responses here.

Janis Parthun, CPA.CITP, CISA, CMA is a senior technical manager at the AICPA, where she manages AICPA’s IT Section and Certified Information Technology Professional (CITP) Credential program (IT Interest Area). The focus of the IT Section and CITP Credential program is to provide educational resources to CPA professionals interested in IT Assurance and Information/Data Management. Prior to joining the AICPA, Parthun worked at Grant Thornton, LLP as an internal controls manager within their Business Advisory Services group in the San Francisco/Bay Area.