Accounting for the Unexpected: The CPA’s Role in Crisis Readiness

By Amber Epling-Skinner, vice president of external affairs, The Ohio Society of CPAs

In the world of accounting, precision and preparation are the foundation of trust. But while CPAs are trained to forecast financial outcomes, many overlook a different kind of threat—the sudden, unpredictable impact of a disaster. Whether it’s a flood, cyberattack, pandemic, or extended power outage, disasters can disrupt operations, compromise sensitive data, and damage hard-earned reputations.

For CPAs, the stakes are especially high. Disaster preparedness isn't just about business continuity – it’s a professional responsibility that can protect your practice, your clients, and your license.

Why Disaster Preparedness Matters

For CPAs, disaster preparedness is not just a matter of operational convenience; it's central to fulfilling your role as a trusted professional. In times of crisis, the critical nature of the work you do only becomes more apparent.

Deadlines in the accounting world don’t wait for emergencies. Tax filings, audits, and regulatory reporting continue, whether or not your office has power or your systems are online. A hurricane, cyberattack, or extended outage can disrupt your ability to meet these obligations, putting both compliance and client trust at risk.

Moreover, CPAs are guardians of highly sensitive data. You work with confidential financial records, tax identification numbers, payroll details, and personal client information. In the event of a disaster – especially a cyber event – the risk of data breaches or loss increases dramatically. Without strong safeguards in place, your firm could face not only reputational damage but also serious legal and financial consequences.

Perhaps most importantly, your clients turn to you for leadership during uncertain times. When disaster strikes,

they don’t just need accounting—they need advice on emergency financing, insurance claims, and business recovery strategies. If your own systems are inaccessible or compromised, you won’t be in a position to support them when they need you the most.

The COVID-19 pandemic was a wake-up call for many firms—but it wasn’t the only one. Wildfires, hurricanes, and power grid failures have all underscored how vulnerable firms can be when disaster strikes. Those who had continuity plans in place pivoted with agility. Others struggled to maintain operations, some even closing permanently.

What these events made clear is that preparedness is no longer optional. It’s part of being a modern, responsible, and resilient CPA. In short, your ability to respond to a disaster isn’t just about protecting your firm—it’s about maintaining your professional duty to those who rely on you.

What Should a CPA Disaster Plan Include?

Every CPA firm—regardless of size—should have a formal disaster recovery and business continuity plan. Key components include:

• Data Protection and Backup: Use secure, encrypted backups stored off-site or in the cloud. Test recovery regularly.

• Cybersecurity Measures: Implement multi-factor authentication, up-to-date firewalls, and regular phishing awareness training.

• Communication Protocols: Create a communication tree for staff and clients. Prepare templates for emergency notifications.

• Remote Work Infrastructure: Ensure employees can securely access necessary systems from anywhere.

• Regulatory and Compliance Safeguards: Have processes in place to maintain compliance with IRS, AICPA, and state board requirements—even in emergency conditions.

• Insurance Coverage Review: Work with your carrier to ensure your policy covers data loss, business interruption, and cyber incidents.

Resources to Get Started

There’s no need to start from scratch. CPAs can access a variety of tools and checklists from trusted sources:

• IRS Disaster Relief Guidance – Updates on tax deadline extensions and compliance changes irs.gov/newsroom/tax-relief-in-disaster-situations

• AICPA Business Continuity Toolkit – Templates, risk assessments, and sample disaster plans aicpa.org

• OSCPA Member Tools and Transcript Backup – Store CPE records and access disaster learning resources ohiocpa.com

• Cybersecurity Checklist for Tax Professionals – Tips from the IRS on securing your digital operations irs.gov/tax-security

Final Thought: Be the Calm in the Storm

Your clients count on you to bring clarity in chaos. But to guide others through uncertainty, you must first secure your own practice. Investing time in disaster preparedness is not a distraction from your work—it’s an extension of your fiduciary duty. Because when disaster strikes, preparedness isn’t just a competitive advantage—it’s your professional lifeline.

Amber Epling-Skinner, OSCPA, Vice President of External Affairs