Why I’m #AuditorProud: Auditors Are Protectors

Auditors have always played an important role in society. We validate information that helps citizens understand how towns and school districts manage their tax dollars. We assist small business owners in getting the financing they need to grow. We provide assurance on the information investors use to make decisions on where best to invest for their futures.

And as communities’ needs have grown, so too have the services auditors provide. Below are just three ways auditors have evolved the way they serve the public – and three reasons why I am proud to represent the auditing profession.

Evaluating Risk Management Programs Designed to Protect Sensitive Information

Businesses big and small are faced with cyberattacks every single day. The Equifax breach affected nearly one-third of the US population, while attacks like WannaCry and Petya impacted millions of people worldwide.

As a result, organizations are facing increasing pressure to demonstrate that they are managing cybersecurity threats, and that they have effective processes in place to safeguard personal information and respond to these types of attacks.

The profession anticipated and was ready for this this need. Earlier this year, the AICPA released its Cybersecurity Risk Management Reporting Framework to help organizations of all sizes and in all types of industries take a proactive approach against cyberattacks. Utilizing the framework, companies can take steps to protect sensitive information and help prevent disruptive events – and CPAs can provide assurance to clients, customers and investors about the effectiveness of these efforts.

Of course, organizations need to be aware not only of their own cybersecurity efforts, but also those of their vendors. Issues with vendor controls, for example, contributed to Yahoo’s massive breach that resulted in more than 500 million user accounts being compromised. Here, too, the profession is ready to help fight back. The AICPA is developing a new attestation examination and related guide (to be released in 2018) to address vendor supply-chain cybersecurity risks. This is another step toward nipping cyberattacks in the bud.

In today’s world, it seems no company or individual is immune from cyberattacks. But auditors are fighting back and helping businesses protect sensitive information.

Assuring Sustainability Reports

Auditors are also helping protect their communities by assuring information related to environmental, social and governance practices.

Sustainability reporting is becoming more prevalent as organizations start to feel pressure from investors and customers to show that they are meeting goals related to greenhouse gas emissions, water consumption, ethical labor practices, workforce diversity, corporate philanthropic initiatives and more. In fact, over 82% of S&P 500 companies publish some type of sustainability report, and 73% of portfolio managers and research analysts say that they take sustainability information into account when making investment decisions.

In response, the AICPA released a new guide in June to help auditors perform examinations and reviews of sustainability information. Attestation Engagements on Sustainability Information (Including Greenhouse Gas Emissions Information) helps auditors meet the demand for independent third-party verification on sustainability information, which in turn helps organizations demonstrate their commitment to environmental or social issues, promotes transparency and helps enhance or protect organizational reputations.

Auditors can help make sure that companies live up to their promises.

Providing Value Through the Use of Data Analytics

Just as the public is demanding assurance on more types of information, organizations are demanding more information about their business operations, period. And they want it faster than ever before. Here, too, auditors are stepping up.

Using audit data analytics, auditors can discover and analyze patterns, identify anomalies and extract useful information from the data underlying an audit – and they can do so on entire populations of information, rather than just samples. This has the potential to transform the way financial statements are audited, making them more effective and efficient.

Additionally, audit data analytics can be used at every phase of the audit. They can provide auditors with insights into past information and the cause of those past results, foresight into what might happen next, and offer a better understanding of what steps organizations should take in the future.

In other words, audit data analytics allow CPAs not just to identify what happened, but also why it happened, and what companies should do next.

In this way, CPAs are using the latest technologies to provide end users with more information than ever before, faster than ever before.

All these reasons and more – that’s why I’m #AuditorProud.

Susan S. Coffey, CPA, CGMA, Senior Vice President – Public Practice & Global Alliances, American Institute of CPAs.

 

     

Related Stories

• Key Facts about a New SAS on Exempt Offerings
• Is Your Firm Seaworthy?
• Is Your Firm Is Seaworthy?