Friday, April 28th, 2017
“For happiness one needs security, but joy can spring like a flower even from the cliffs of despair.” – Anne Morrow Lindbergh
Because of all the concerns about cybersecurity and the opportunity that it provides for CPAs to provide cybersecurity-related assurance services, I wanted to share a press release from the AICPA this week.
AICPA Unveils Cybersecurity Risk Management Reporting Framework
Voluntary Engagement Will Help Companies and Auditors Communicate Cyber Risk Readiness
NEW YORK (April 26, 2017) – At a time when organizations around the world are facing cybersecurity attacks, it is more important than ever for them to demonstrate to key stakeholders the extent and effectiveness of their cybersecurity risk management efforts. To help businesses meet this growing challenge, the American Institute of CPAs (AICPA) has introduced a market-driven, flexible and voluntary cybersecurity risk management reporting framework.
“Cybersecurity threats are escalating, thereby unnerving boards of directors, managers, investors and customers of businesses of all sizes – whether public or private,” said Susan S. Coffey, CPA, CGMA, AICPA executive vice president for public practice. “While there are many methods, controls and frameworks for developing cybersecurity risk management programs, until now there hasn’t been a common language for companies to communicate about, and report on, these efforts.”
The AICPA’s new framework will enable all organizations – in industries worldwide – to take a proactive and agile approach to cybersecurity risk management and to communicate on those activities with stakeholders. Two resources that support reporting under the framework are being released today:
- Description criteria – For use by management in explaining its cybersecurity risk management program in a consistent manner and for use by CPAs to report on management’s description.
- Control criteria – Used by CPAs providing advisory or attestation services to evaluate and report on the effectiveness of the controls within a client’s program.
A third resource for CPAs will be available in May:
- Attest guide – This guidance, Reporting on an Entity’s Cybersecurity Risk Management Program and Controls, will be published next month to assist CPAs engaged to examine and report on an entity’s cybersecurity risk management program.
Building on CPAs’ experience in auditing information technology controls, the AICPA’s Assurance Services Executive Committee identified the emerging need for cybersecurity-related assurance services. The goal was to enable companies to more effectively communicate the robustness of their cybersecurity risk management programs to key stakeholders.
“The framework we have developed will serve as a critical step to enabling a consistent, market-based mechanism for companies worldwide to explain how they’re managing cybersecurity risk,” Coffey explained. “We believe investors, boards, audit committees and business partners will see tremendous value in gaining a better understanding of organizations’ cybersecurity risk management efforts. That information, combined with the CPA’s opinion on the effectiveness of management’s efforts, will increase stakeholders’ confidence in organizations’ due care and diligence in managing cybersecurity risk.”
For more information and links to valuable resources for CPAs providing cybersecurity advisory and assurance services, visit our Cybersecurity Resource Center.
- "Man maintains his balance, poise, and sense of security only as he is moving forward."
Thursday, April 27th, 2017
“When you are in the news business, you always expect the unexpected.” – Helen Thomas
Earlier this month, I blogged about attending the New Horizon Group of CPA firm consultants’ annual meeting. It was held at the AICPA offices in New York.
This year I attended virtually (and it worked really well). Members are: Jim Bourke, Gale Crosley, Chris Frederiksen, Carl George, Angie Grissom, Rita Keller, Roman Kepczyk, Allan Koltin, Mark Koziel, Rob Nixon, Darren Root, Marc Rosenberg and Jennifer Wilson. Barry Melancon graciously gave us a briefing.
This week, Marc Rosenberg blogged about some “pearls of wisdom” obtained from that meeting. Be sure to read Rosenberg’s post here. Some significant changes are unfolding.
- "In the case of news, we should always wait for the sacrament of confirmation."
Thursday, April 27th, 2017
“It is nice to have valid competition; it pushes you to do better.” – Gianni Versace
As I have interacted with many firms over the years, I have observed that some partners are not worried at all about their competition and some partners are almost obsessed with beating their competition.
No matter your degree of concern, it is a good practice to be aware of your competition, their strengths and their weaknesses. In reality, they are strongly targeting your best clients (just like you are targeting theirs).
As Jeffrey Gitomer (sales guru) says, it is a sales war and winner take all. He also suggests some Competition Success Strategies:
- Speak kindly of your competition, or say nothing.
- Respect competition, and others will respect you.
- If others speak negatively about anything or anyone, DO NOT join in.
- Know your competition’s weaknesses, but focus on your strength and value.
- Know why they won, when you should have.
- Know how they speak about you, and build response into your presentation.
- Know how to beat them until they hate you (hating them is a waste of energy).
- Your only victory is when you get the job.
- "Do your work with your whole heart, and you will succeed - there's so little competition."
Wednesday, April 26th, 2017
“Human resources isn’t a thing we do. It’s the thing that runs our business.” – Steve Wynn
Many years ago, CPA firms didn’t begin their recruiting efforts on the college campus until September. We waited for the students to get back to campus and begin classes and then interviewed in late September into October.
Now, you must recruit, on the college campus, continually. You are competing with the large national firms. They are visible on the college campus every week!
Right now, be sure you are contacting the students on your prospect list before they leave campus for the summer. Stay in front of them.
Now that your interns have returned to campus, be sure you communicate with them before they leave for the summer. Hopefully, you have offered some of them part-time work throughout the summer months.
Be planning for the next campus job fair. Will your firm stand-out from the pack?
Here’s a unique idea from one of my favorite clients. Invite the students to play some putt-putt as they participate in the job fair.
- "I am convinced that nothing we do is more important than hiring and developing people. At the end of the day you bet on people, not on strategies."
Tuesday, April 25th, 2017
Many of you can remember when we had paper “in boxes” on our desks. We also had “out boxes”. Mail, memos, and other miscellaneous communication documents were placed in our in-box by our secretary (remember that word?). The same person emptied our out-box and distributed our notes, memos and job assignments to the proper person within the firm.
Often the in-box contained items that we would place in a “do it later pile.” That pile on our desk could attain dangerous heights.
Then, many of us learned how to handle each piece of paper that came into our office mostly via the in-box. The trick was to only handle it once – not to put it in a stack with other things we intended to deal with later. Concerning each document we were to Act, File, Delegate or Trash – no “deal with it later” labels were allowed.
Now we are in the age of handling the multitude of items that appear in our digital in-box. In a recent article via Fast Company, Brad Smith, CEO of Intuit, sums up his email approach as “read, act, file or delete.” By limiting his options he is able to clear his in-box daily without the help of an assistant. Smith notes, “It requires real commitment.”
If the CEO of Intuit can master his in-box, I bet you can do it, too!
Another option is NOT TO SEND many emails and thus, you will receive fewer in reply.
Here’s another email comment from Simon Sinek. “A five minute call replaces the time it takes to read and reply to the original email and read and reply to their reply.. or replies. And I no longer spend 20+ minutes crafting the perfect email – no need to.”
To avoid phone tag, I always make telephone appointments with people who wish to discuss things with me.
- "Social media presents an opportunity for business people to connect and know each other prior to a phone call or email taking place."
Monday, April 24th, 2017
“The best preparation for tomorrow is doing your best today.” – H. Jackson Brown, Jr.
In the accounting profession, we have been talking about sabbaticals for years. Few firms offer this benefit.
Some firms established a sabbatical program for partners, urging them to take six weeks away from the office with NO CONTACT. The mission being to prove to the partner that they could get along just fine without them and client service would not suffer. These types of programs were a half-hearted attempt at succession planning. Honestly, I haven’t heard of many firms offering sabbaticals in any form. It seems CPAs love to work!
Rather than focusing on partners, why not establish a sabbatical program for your team members. Maybe it would differentiate you from your competitors and help retain top talent.
Kabbage®, the pioneering financial services technology, and data platform, out of Atlanta is offering a unique benefit to its employees. Perhaps, you can learn from them.
Kabbage is now offering a sabbatical option for team members who have been with the company for 5+ years. And it’s quite the package – a 6-week sabbatical that is fully paid plus the company gives a $6k stipend to encourage its employees to do something memorable ( a trip of a lifetime?)
Check out their career webpage. They offer:
Daily catered lunches, ice cream freezer & snacks
Cold/brewed coffee & beer on tap
Onsite fitness & meditation classes
Adjustable sit/stand desks
Equity in the company
Full coverage of individual health benefits
Six-week sabbatical program
Learning & Development
More than 20 onsite courses
Interactive career development
All of this makes me ask the big question. How does your firm’s career webpage stack up?
- "Happiness is not something you postpone for the future; it is something you design for the present."
Saturday, April 22nd, 2017
The following is just a quick recap of my blog topics from this week. Perhaps you were too busy with last minute tax issues and then too busy celebrating the end of tax season to read some of these:
Monday, April 17th – Just for Fun – Taglines & Slogans (What’s your firm’s tagline?)
Tuesday, April 18th – What Will You Do Next Week? (Go ahead and recover after busy season…. but make it quick.)
Wednesday, April 19th – Virtual Employees Made Easier (The rise of the robot!)
Thursday, April 20th – Success in the CPA Profession (Now it is time to live in the real world – not home, not high school, not college. It is the world of work.)
Friday, April 21st – International Understanding (All CPAs, young or old should have some understanding of international issues, tax, etc.)
Scroll down this webpage and read about these topics, then do some other reading this weekend. Reading is a big part of life-long learning.
- "The thing that lies at the foundation of positive change, the way I see it, is service to a fellow human being."
Friday, April 21st, 2017
“The entrepreneur always searches for change, responds to it, and exploits it as an opportunity.” – Peter Drucker
Not that many years ago, CPA firms in the U.S.A. didn’t need to know much about international affairs. In fact, most people in firms never even thought about international implications.
All that has changed. Even some very small firms now have international clients and U.S. clients operating internationally.
If you work for a large corporation, accepting international assignments is expected if you want to advance your career.
Reading an article on HBR – Will refusing an International Assignment Derail Your Career? – made me think about what CPA firms are doing to educate their workforce about the business aspects of international operations.
In many firms there are partners who are well versed in international business. But, how far down the ladder does this type of knowledge go?
My questions for millennial CPAs, will the lack of international business knowledge and experience derail your career?
- "If people like you, they'll listen to you, but if they trust you, they'll do business with you."
Thursday, April 20th, 2017
You majored in accounting. You enjoyed all of your accounting courses.
You researched all the best CPA firms and interviewed with many – large, mid-size and small. Some were near home and some were in bigger, more vibrant cities.
You received offers from a few and made your decision.
Now it is time to live in the real world – not home, not high school and not college. It is the world of work.
You are in the world of building a career as a professional and easing into adulthood. It’s about learning what it means to be a professional along with all kinds of accounting, audit and tax topics. It’s learning about the business world and what to do to make a small (or large) business successful. It is about understanding people, getting along with them, eventually influencing them and enjoying working with them. It’s about earning the respect and trust of your clients and peers.
Maybe this quote from Vince Lombardi about football will help you.
“Football is like life – it requires perseverance, self-denial, hard work, sacrifice, dedication and respect for authority.”
- "If you believe in yourself and have dedication and pride - and never quit, you'll be a winner. The price of victory is high but so are the rewards."
Wednesday, April 19th, 2017
“Any sufficiently advanced technology is equivalent to magic.” – Arthur C. Clarke
In case you missed it, I wanted give you a link to an article in the latest issue of Accounting Today – Rise of the robot. It’s pretty cool.
We have been talking about remote and virtual employees and how to deal with them for several years now. Things continually evolve and firms are learning how to manage the ever-changing world of employee engagement and retention.
One firm, Navolio & Tallman featured in the article, is now using a machine called the Beam mobile presence system as their mobile conference set-up for individuals working virtually.
Think of the episode of Big Bang where Sheldon wants to protect his body from the hazards of the world and begins using a virtual presence machine.
Check out the article and the pictures. It also proves that you don’t have to be a humongous firm to do some very creative things. N&T has 3 partners and 18 people.
The firm’s work-from-home culture is thriving. They have a compressed work week, after April 15. Employees work 9 hours a day Monday through Thursday, and work from home Friday with the day ending at noon. During tax season, staff members do work on Saturdays, but they can do that from home as well.
I believe the best message for retaining top talent is simple. Invest in technology.
- "It has become appallingly obvious that our technology has exceeded our humanity."