Skyscapes March 2011 Vol. 3 Issue 6
LIVING IN THE CLOUD Technology: A Blessing or a Curse During the Audit
Al Anderson helps you turn technology utilization into an asset during the audit.
Living in the Cloud
Mary MacBain provides tips for maximizing use and minimizing cost of living in the cloud.
An Overview of Laws Pertaining to Social Security Number Transmission over the Internet Nancy Cohen describes current laws in various states.
Conference News, KSCPA News, Member News, Chapter News … Member Profile … and more …
FROM THE PRESIDENT Greetings, This issue of Skyscapes, entitled “Living in the Cloud,” focuses on technology. Within the last 30 years, since “microcomputers” first found their way into the world of the CPA, the extent to which CPAs use technology has grown exponentially. Today, without a working computer loaded with a minimum of integrated productivity software, or at least a smart phone, I can safely say, we would truly be lost. In addition, most of us have additional “gadgets” and applications—multiple monitors, a Mac as well as a Windows laptop, LCD projector, digital camera, GPS, iPad or a similar tablet device, and the associated cables and battery chargers! Whew! Keeping track of all of these assets is a chore, but so critical, especially in light of the fact that these are not only “gadgets,” they are repositories of a wealth of our client, organization, and personal information. To help CPAs understand the initiatives most important to CPAs, for the past 22 years, the AICPA has surveyed members to determine the “Top Technology Initiatives.” For the first time, security was not identified as the number one topic/challenge. It is replaced with control and use of mobile devices. You can view the survey results in the article on page 16. You might be saying to yourself, “This is information overload!” Most organizations today do have IT support that is only a phone call away. All CPAs, however, are well positioned to provide business insight – that includes technology. All CPAs should be able to converse with their clients or managers at an appropriate level. This generally emphasizes governance and risk management, rather than detailed technology or computer science issues. Security and privacy of your client and organizational information, effectively using e-mail during the audit, and making decisions to use applications and store your data “in the cloud,” are covered in this issue of Skyscapes. That is only the beginning! I encourage you – no matter what your expertise – to raise your awareness of technology. Those who do, will be in a position to lead in the 21st Century. Warm regards,
John H. Bruckner, 78th President of the Kansas Society of CPAs
KSCPA Leadership Officers
John H. Bruckner, President, Designated AICPA Council Representative Robert J. Schuster, Vice President & President Elect M. Aron Dunn, Secretary/Treasurer Gary C. Allerheiligen, Immediate Past President
Board of Directors
Inside this issue... 12
Term Expires 2011
Richard K. Dinkel Johanna D. Lyle Greg B. Sevier Nathan L. Spearman Lisa P. Trout Virginia A. Powell, KSBOA Liaison Kyle J. Hawk, Elected AICPA Council Representative
Board of Directors
Board of Directors
Educational Foundation Board of Trustees Dan S. Deines, Chair John C. Rich, Vice Chair Norman P. Hope, Secretary/Treasurer John H. Bruckner Kyle J. Hawk Jeffrey J. Koch John W. Denney Kenneth A. Selzer Paul T. Mason
18 19 22 24
Political Action Committee Denis W. Miller, Chair James T. Clark, Treasurer DeAnn A. Hill Eric J. Larson Leon C. Logan Kathryn J. Mitchell Michael V. Rogers
KSCPA Team Mary R. MacBain, MS, CPA. CITP Executive Director Lauren Tice, Marketing & Communications Manager Teresa Keating, Peer Review Admin. & Event Planner Karen Mitchell, CPA Finance and Administration Manager Kevin Moravec, Marketing Assistant (Graphic Designer) Danielle Bulson, Marketing Assistant Editors: Mary R. MacBain, Editor-in-Chief Lauren Tice, Layout & Copy Editor Contributing Writers: Alan Anderson, CPA; Mary R. MacBain, MS, CPA.CITP; Nancy A. Cohen, CPA.CITP, CIPP; Melinda L. McLellan, JD The Kansas Society of Certified Public Accountants, Inc. 100 SE 9th Street, Suite 502 Topeka, KS 66612-1213 Phone: 785.272.4366, FAX: 785.272.4468
From the AICPA: Top Technology Initiatives
Read about the results of the AICPA’s 22nd annual Top Technology Initiative survey.
Term Expires 2013
James (Jim) K. Boomer Ginger L. Farney Carolyn C. George Mindi A. Ormiston Matthew (Matt) R. List
Nancy A. Cohen, CPA.CITP, CIPP and Melinda McLellan, JD, respond to a KSCPA member’s e-mail regarding sending social security numbers over the Internet.
Term Expires 2012
Chet Buchman M. George Durler Lewis R. Erickson Gregg C. Goodwin Michelle Schneider
Social Security Number Transmission - Overview of the Law
Technology: A Blessing or a Curse? by Al Anderson
Busy Season Stress Relief
Watch a video of a very cute panda playing at the San Diego zoo.
Legislative Reception Recap
A pictorial recap of the Legislative Reception held at the KSCPA offices on January 27, 2011.
Register for CPE Online
A step-by-step guide to registering for courses and conferences on KSCPA’s new website.
Find out more information on the conferences coming up in May. Plus, register for them online!
Mark Your Calendar
A complete list of events and conferences scheduled for the remainder of the year.
Living in the Cloud by Mary MacBain
An Interview with Secretary of Revenue Nick Jordan
Watch the interview with Secretary Jordan conducted by KSCPA Executive Director Mary MacBain.
When Disaster Strikes, Volunteer
Learn about the KSCPA’s commitment to the IRS’s Volunteer Disaster Assistance program.
28 32 34 35
KSCPA News Members in the News New Members
“20 up to 40” - Day on the Hill
Statements of fact and opinion are made by authors alone and do not imply an opinion on the part of the officers or members of the KSCPA. Publication of an advertisement in Skyscapes does not constitute an endorsement of the product or service by Skyscapes or the KSCPA. Copyright © 2011 Kansas Society of CPAs; Topeka, KS. All rights reserved.
Skyscapes | March 2011
Technology: A Blessing or a Curse During the Audit By Alan W. Anderson, CPA President, ACCOUNT-ability Plus
pace of technology change continues to move at what seems to be nearly the speed of
light and shows no real signs of slowing down. What is considered a new technology today is old technology tomorrow. In contrast to the speed of change in technology, consider the speed of change in the audit world. Unfortunately, audit processes and approaches have not changed in what seems to be light years.
Many firms jumped on the technology bandwagon over the past several years but frequently question their return on investment through enhanced efficiency and improved audit effectiveness. Bill Gates is quoted at stating, “The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify the inefficiency.” Unfortunately, many firms unknowingly followed Mr. Gates’ second rule and have applied technology to inefficient processes. The end result has been minimal improvement in efficiency and effectiveness, at best. While many firms wanted their technology investment to be a blessing, it just hasn’t turned out that way.
The good news is that is not too late. You can turn the tide and have technology utilization become a tremendous asset in your audit process. The remainder of this article will offer some ideas and suggestions for you to consider that can enhance the benefits of the use of technology in the audit process.
© Copyright 2011 Alan W. Anderson, used with permission.
Technology Down “PAT”
Most firms believe technology is the solution to improving efficiency without first fully determining the reasons why the audit is inefficient. Is the audit inefficient because of poorly trained audit staff, an inefficient audit approach, or both? Before adding technology in any firm, I recommend you follow the “PAT” process. “PAT” is an acronym that refers to:
People Audit Approach Technology Without question, technology can support and enhance your staff’s effectiveness. Thus the “PAT” process begins with people (P). You should first determine what their needs are and what could be causing them to be inefficient. One way to determine staff needs is to perform a technology skills assessment or survey to identify technology strengths and skills gaps. These gaps are the primary impediment to enhancing their audit technology effectiveness. The technology skills assessment can be a self assessment and should cover the broad array of technologies in use at the audit firm from basic computer operation to use of data extraction tools. The self assessment should be easy to complete and could simply be a 1 through 5 rating system with a “1” meaning, having no knowledge or experience and a “5” meaning, they have a great deal of knowledge in that area. With every person in the firm using technology in their roles, the survey should be given to everyone in the firm. Very often this assessment will identify that the audit firm assumed a higher level of technology skills across the firm than actually exists. In this case, better utilization of the firm’s technology tools could be achieved by simply providing additional training for the staff. The next step would be to review your audit approach (A) for desired efficiencies. As discussed above, an inefficient audit approach will likely become even more inefficient when technology is added to the mix. Performing an audit operational assessment will go a long way in improving your audit process to help you better utilize existing technologies or to add new technologies. Simply put, if you believe the question or issue can be best answered though a back and
forth dialogue with the client, do not use e-mail, as it would be ineffective and inefficient. An audit operational assessment is a process where you review all phases of the audit and the procedures that are performed to determine where opportunities for improved workflow or where inefficiencies exist. Once these are determined, the audit team would identify suggested changes to approaches and procedures to improve efficiency and effectiveness. Finally, your last step in this process would be to identify the technology (T) that would meet the needs of your people that will also facilitate the revisions to the audit approach. This step can also result in making changes to the way the audit firm uses their existing technology tools. Placing the “P” and the “A” in front of the “T” will go a long way toward turning your use of audit technology into a blessing rather than a curse.
Extraction – A Golden Opportunity
Virtually every audit firm has made some sort of an investment in data extraction tools. However, many of these audit firms have not been successful in implementing these tools to gain the desired efficiencies and enhancements to the effectiveness of the audit. Proper use of data extraction tools can dramatically improve the quality of the audit and reduce the overall time required to perform certain audit procedures. Data extraction, for example, can be used to analyze large volumes of data quickly that can result in being a complete review of all of the transactions rather than a sample. Just think how positively this can be for the audit process, examining 100% of the transactions in far less time than it would take the auditor to manually review a sample of the transactions. If you want to increase the use of data extraction in your firm, consider applying the “PAT” approach. Start with “P,” your people. You can survey them to assess their skills in the use and understanding of your firm’s data extraction tools. Most often, you will find that your staff know how to run the data extraction tools or can figure it out fairly quickly. However, they generally don’t know when or how it could be used to positively impact the audit approach. If this is the case, your firm should conduct a data extraction training session that works with live client data. I call training sessions that work with live data, “reality based learning” sessions. These sessions, in which the staff gains the understanding on a “live” client,
Skyscapes | March 2011
there is the expectation that the work performed on the client is real and useful to the engagement. The staff has a vested interest in listening and learning because they know the firm has an expectation that they should be using data extraction techniques on their audit clients. Your next step, the “A” in “PAT,” would to review your audit approach for data extraction opportunities. Most audit clients have several areas where data extraction can be used to enhance both efficiency and audit quality. Oftentimes, the audit team can determine areas when data extraction could be used, but when the audit is performed, they very often don’t use data extraction. In many respects, this occurs because those procedures are not built into the audit program. Most standard audit programs reference audit procedures but seldom recommend that they be performed using data extraction techniques. Consideration should be given to designing your audit approach to clearly state on the audit program that certain audit procedures should be performed using data extraction. Doing so will dramatically increase the use of data extraction on your audits. Once you have determined your people needs and audit approach plans for data extraction, you should review capabilities of your data extraction technology, the “T” in “PAT.” It is important to make certain that your existing technology will effectively handle your data extraction needs and that it matches the skill set of your staff. There are several data extraction tools on the market today all of which have certain strengths and shortcomings. Performing such a review will allow you to select the best tool for your needs which will help increase the likelihood of turning data extraction into a technology “blessing” rather than a “curse.”
An article covering technology in the audit process would not be complete without a brief discussion covering the importance of protecting your client’s data. Do you ever stop to think about how much client data is contained on every laptop and PDA in your firm? The loss or theft of a laptop or PDA could mean disaster, even if all devices are encrypted. Effective client data protection starts with the audit staff maintaining a serious data security attitude on two fronts.
First, consider how much data is really needed and in how many locations. The audit staff should adopt an attitude of “once is enough.” This means once the client data is received and placed in the electronic audit workpapers, all other copies should be deleted. This would include deleting client e-mail and attachments if the data arrived via an e-mail. Also, if your PDA delete features are not synced with your email, then you must remember to delete the email from your PDA as well. The “once is enough” policy would also extend to client file folders that audit staff typically set up on their hard drives. Client file folders should not contain client data once the data has been placed in the audit workpapers. If the data is not needed, return the data file to the client immediately upon completion of the review of the data. Also make certain that all replicas of the data file have been deleted from all of the computers of the audit staff that had access to the client data file. The second front is physical security. The general rule of thumb is to keep your laptop or PDA with you at all times. When you are working at a client during fieldwork, the greatest risk to the auditor is the time when your work area is vacant. You should be conscious of the location of your work area to the ease of access by outsiders when the room is vacant. What do you do with your laptop when you leave the client location for lunch? Meal times are the prime times for thieves to check vacant rooms or offices for unattended laptops. Adopt good practices for storing your laptop or PDA when traveling to and from your client. Audit staff should adopt an “out of sight, out of mind” attitude. This will reduce the likelihood placing the laptop in the front seat of the car and cause them to place it in the trunk every time they are in their vehicle. Thieves generally take the path of least resistance and would go for the laptop sitting on the front seat of the car rather than breaking into the trunk not knowing if a laptop is even there. The ultimate curse of technology is a lost laptop containing a tremendous amount of client data. If you have ever lost a laptop, I am certain you can relate. Your data security attitude is changed forever due to the pain and stress of dealing with all the issues surrounding a lost laptop.
In Conclusion Use of technology in the audit process can and should be a catalyst for enhancing audit efficiency and audit quality. Placing your people needs and audit approach plans at the forefront of any technology decision is the key to success. These steps will get your technology use down PAT.
members’ A&A services. This article is the sixth of a series of 13 articles to be published over the next year. We asked Al to create articles that will stand the test of time and at the same time create a vision for how CPAs can stay relevant by adding value to their clients and organizations they serve. You can look forward to the following topics:
Alan W. Anderson - Bio Al has over 25 years of experience in the accounting profession. After working primarily as a partner and National Director of Audit in the firm of McGladrey and Pullen, LLP and with the American Institute of CPAs as Senior Vice President of Member and Public Interest, Al founded ACCOUNT-ability Plus headquartered in Minneapolis. Prior to starting his new company, Al led the firm of LarsonAllen, LLP in coordinating accounting and assurance services across industry groups as the Managing Principal of Accounting & Assurance Services. As President of ACCOUNT-ability Plus, Al is building a company to address the educational needs of auditors and to help push the vision of those he teaches to exceed client expectations by providing relevant services and meaningful information using real-time methodology. Al’s experience in the world of auditing reaches far and wide. This includes helping to standardize the global audit approach of McGladrey and Pullen, overseeing the AICPA’s technical audit and accounting standards, including self-regulation and the CPA examination and implementing paperless solutions. Al served as Chair of the AICPA Assurance Services Executive Committee for 6 years and continues to lead task forces of the Committee.
The Sixth in a Series of “ANDERSON’S AUDIT EXPRESS” The KSCPA is excited to that Al Anderson is committed to helping the Society enhance the quality of the Accounting & Auditing (A&A) professional development and, therefore, the quality of our
“Fieldwork Complete…Is the Audit Complete”
“Evolving Risk Landscape and Its Impact on the Audit Opinion:
“Total Client Service: Did you deliver all of Your Services, or Just the Audit?” “De-commoditizing the Audit—A Pipe Dream?”
“What Brings Value to the Audit? Value-Based Audits?”
“The Characteristics of an Auditor” “The Goal of the Audit”
Register for “ANDERSON’S AUDIT EXPRESS” Today! Each article is supplemented with a video webcast or podcast produced and delivered by the KSCPA. Go to www.kscpa.org for the complete list of live webinars. Register on the KSCPA website, or call 785.272.4366 for more information. Webcasts that provide 2 hours of A&A CPE are $79 each.
Al will also be providing A&A courses in our PD catalog, speaking at conferences, and is available for in-firm training, including a new offering “Reality Based Learning.” Our member’s appetite for information continues to increase and the methods by which this information is delivered are changing. The KSCPA is embracing this adaptation by establishing professional development programs that address the education demands with a variety of delivery mechanisms. Contact Mary MacBain at email@example.com for further information.
Skyscapes | March 2011
Living in the “Cloud” by Mary R. MacBain, MS, CPA.CITP, Executive Director, KSCPA
Then… Back in 1965, when I was in high
Still True… The “cloud,” as we think of it
Now… Today, I use my Sprint services and
A Paradigm Shift… In 1999, Kevin
school, I spent a lot of time at the record store, going through the “vinyl music albums.” My favorite group back then was The Rolling Stones. And, oh, yes, one of my favorite songs was “Get Off of My Cloud.” a Samsung Epic 4G to watch Mick Jagger on YouTube, flopping his arms around and singing, “Hey you, get off of my cloud / Don’t hang around ‘cause two’s a crowd on my cloud.” And I think to myself, “This song is a metaphor for tranquil days gone by when I was perfectly satisfied with a transistor radio. Now, I’m always plugged in, ‘Living in the Cloud.’” “Cloud” is now a metaphor for the Internet and has dramatically changed the world we live in, including the music industry. No longer do I, or others, sift through records or even CDs at the brick and mortar store. These stores are closing. Sony closed a major CD-manufacturing plant in New Jersey after 50 years of producing albums and CDs, while “cloud-based music services” are popping up everywhere!
today, is mysterious to most of us, yet so real. As discussed in Al Anderson’s article, “Technology: A Blessing or a Curse During the Audit,” the “cloud” represents more and more of the technology we use. Kelly published a book entitled, New Rules for the New Economy. At that time, the “cloud” was beginning to take shape as forward-thinking companies began to capitalize on the availability of communication over the World Wide Web to deliver their applications and to receive and store data at a central location so end-users could work anywhere at any time. Service bureaus evolved into application service providers (ASPs) using Virtual Private Networks. “Cloud” computing today is becoming a “utility” where the general public has access to networks, servers, storage, applications, and services, creating a dynamically scalable and cost-effective way to work and play. Kelly’s vision for a networked economy in 1999 certainly appears to have come true as we take stock of reality today (see table below). The “cloud” has eclipsed the horrors of George
Orwell’s 1984 and we are moving toward a peerdriven, integrated world. Case in point: the recent events in the Middle East proving that access to the Internet with “public” applications (social media) can be used to supersede the political and natural forces and keep communication alive.
What is “the Cloud”? Okay, if you are
still scratching your head and asking yourself, “What is this ‘Cloud’?” you are not alone. I am frequently asked this question. We are all living in the “cloud” now, and no matter how protective Mick Jagger tried to be of his space, your cloud is getting very, very crowded, and you might not even realize how many applications you are using. Furthermore, you may not know where your data is located (US, Canada, India, Russia, Ireland?), who has access to that data, who owns the company, or anything else about this mysterious place we trust. Just like a natural cloud, that data can be and move anywhere and released, raining on a lot of parades, if you are not careful. The purpose of this article is to help you understand what the “cloud” is and what questions you should ask about “cloud” applications before implementing them. Small to medium-sized businesses can benefit from living in the “cloud,” and this article outlines some best practices for managing what we use in the “cloud.”
Kelly’s Vision: 1999 The net is our future. Technology has become our culture, our culture technology. In the network economy, the more plentiful things become, the more valuable they become. What can you give away?
In essence, living in the “cloud” means accessing applications over the Internet using a browser and sharing resources (servers, data storage, applications, services, etc.) with others. There is greater access to a broad range of applications at no cost or for a monthly or annual licensing fee. Most accountants are familiar with vendors who provide applications as Software-as-a-Service (SaaS), including Microsoft, Thomson Reuters, Google, NetSuite, CCH, and Intacct.
Why Should I Live in the “Cloud”?
Besides lower initial cost (over using your internal network), you don’t need the associated technical staff to maintain the infrastructure and update the applications, and there may be some cost savings on the internal infrastructure. “Cloud” computing is very flexible, in that it allows you to grow into a product as your organization and needs emerge. For example, you may start with a free version and move to a monthly licensing fee. You may start with a 5-user license on a hosted Microsoft Exchange server, like we did here at the KSCPA, and then add a new user with a per user additional fee. This scalability allows you to continuously upgrade without the cost of implementation. Further, the “cloud” is available anywhere at any time. For a small business where the owner may process payroll, using a “cloud” application means not being tied to the desk on a certain day.
Our Reality: 2011
The future is now. Social networking is the means to our communication, and communication is what makes us diverse and human. The more hits on your website, the higher your stock value.
In the cloud, it appears to be free, and is to a point, until you want more, and then it’s unlimited for a fee, so it still appears to be free. The net is moving irreversibly to include every- Internet usage grew 445% from 2000-2010. thing in the world. Almost 2B people use the Internet today (30% of the world’s population). People will inhabit places, but increasingly the Much of the economy today is in space, with economy inhabits a space. unlimited dimensions – the “cloud.” If the system settles into harmony and equilib- Innovation today keeps the world in a state rium, it will eventually stagnate and die. of flux, and the applications emerging in the “cloud” create a never-ending supply of possibilities. The central economic imperative of the netThe “cloud” has the ability to increase the work economy is to amplify relationships. quantity and quality of economic relationships by expanding the applications and technology available to the masses. Don’t Solve Problems; Seek Opportunities. Those who capitalize on the opportunities create not only opportunities for themselves, but for others as their inventions spawn new inventions (e.g. My Space to Facebook).
Still in its Infancy … Living
in the “cloud,” as crowded as it may seem, is still in its infancy. So, I don’t recommend throwing caution to the wind, firing your IT support, throwing out your servers, and totally living in the “cloud.” There are still legacy applications that are rightfully located internally. Like an infant, s/he crawls before s/he walks, and s/he walks before she runs.
Before Running to the “Cloud,” Consider This …
What’s preventing a lot of accountants from running to the “cloud” is security and privacy. To make the move more palatable, partner with a reliable vendor who complies with Service Organization Standards and, if possible, provides you with a current backup of your data. At Skyscapes | March 2011
a minimum, you need to be satisfied with the vendor’s backup and security procedures and that their service level agreement (SLA) is clear about how soon and in what form you will receive your data, if the contract with the vendor is terminated. You want to avoid “vendor lock-in.” For productivity applications, like Microsoft Exchange, ideally you need an electronic backup. In the case of our payroll, we do have .pdf’s of the reports and a binder with hard copies. In his March 2, 2011 article, “Seven Tough Questions for the ‘Cloud,’” Rick Telberg, editor of CPATrendlines.com, suggests asking a vendor to answer these seven questions:
Some other important considerations in making the transition to living in the “cloud” are: 1. Ensure that the “last mile” that gets you to the “cloud” is fast and reliable. Just because you are living in the “cloud” doesn’t mean you don’t need the technical expertise and internal infrastructure to make sure you are living on the club level and not in a room next to the kitchen.
1. What is your service level agreement (SLA)? This is the uptime the vendor promises when you will have access to the software. What happens if the vendor is down?
2. Plan and test the transition from your current legacy system to the “cloud” application. How will the data be transferred and accuracy confirmed?
2. Do you have a disaster recovery (business continuity) plan? Get a copy and determine just what the vendor will do in case of an emergency.
3. If you need to provide an interface between the “cloud” application and an internal legacy system, coordinate this with your IT support, the “cloud” application vendor, and the support team at the legacy system. This is something we had to do when we implemented our new website. We’re still using our legacy membership system, and we couldn’t have succeeded without cooperation among these three vendors and the KSCPA team.
3. Can you provide documentation of your uptime for this year and the last year? This information should be available. 4. How do you communicate problems, outages, and fixes to your customers? (e.g. Twitter, Facebook, e-mail) 5. How are backups implemented and how long is my data kept? 6. Who has access to my data and/or the hardware on which it is running?
7. How is redundancy implemented within your environment? Are there spare disk drives, servers, power supplies, internet circuits?
Controlling the Applications in the “Cloud”… Living in the “cloud” has much broader application than adopting, for example, web-based CS Professional Suite from Thomson Reuters. When I started to think about this article, it dawned on me that
at the KSCPA we are taking advantage of the “cloud” to expand the number of applications available to us not only for our website with a secure firewall and for our payroll, but also to enhance our productivity. For example, when we did an extensive membership survey in late 2009, rather than creating our own survey using Microsoft Access, we opted for Survey Monkey. We decided that we wanted unlimited use of the software, so rather than taking advantage of the BASIC Plan, we opted for the PRO Plan with an annual fee of $200 per year. As our use of “cloud” applications began to grow, I then began to think about the fact that this entire thing could get way out of control (see table of current KSCPA applications above). So I put on my “accountant’s hat,” and here’s what I recommend…
Setup an Account in the General Ledger… Use this account to track “cloud”
computing license fees. True, living in the “cloud” is initially less expensive than hosting the applications internally. Because of the flexibility, some of the applications may come and go. You may only need to use the application once, for a year, or permanently. You need a way to track what you are using and when to terminate what is generally an automatic payment arrangement. Since some “cloud” applications are free , some have license fees - usually paid by credit card - and most have a user name and password involved, use a spreadsheet that lists the following items: Title of Application Purpose Users URL User Name – Many “cloud” apps are shared so we use the same user name/password Password License Fee Payment Frequency (Month or Year) Auto or Manual Pay – For annual license fees, suggest manual Renewal Date – Day of the month for monthly or annual renewal date Credit Card Used – Use the same credit card for all apps; update when new card is issued Monthly Expense – Budget this expense Data – What data are you sending to the “cloud?” Backup – Do you have a backup for this data, and where is it located?
Not that you need “‘cloud’ police,” but when a new “cloud” application is used in an organization - and data is sent over the Internet someone needs to take responsibility for confirming the reliability of the vendor, what data is being transferred, when the data is deleted, if that data is backed up, and the cost. Control over the applications also prevents multiple people from signing up for the same application when it can easily be shared.
If Mick Jagger and Keith Richards rewrote their song today, they might be saying “Hey, you, get onto my ‘cloud.’” Not only does the “cloud” open up small- to medium-sized businesses to a multitude of opportunities to be more productive, the “cloud” also provides the means for organizations and individuals to advertise and network. So, my advice is to attempt to understand as much as possible, control what is being used, and don’t shy away from this incredible opportunity.
About Mary… Mary is the Executive
Director of the Kansas Society of CPAs. As a
professional accountant for more than 25 years, Mary MacBain has dedicated her energies to helping individuals and organizations transform problems into solutions. Mary is responsible for implementing the strategic plan of the KSCPA leadership. She focuses her energies on member services, professional development, technology, legislative affairs, peer review, and ethics. Mary has spent most of her career as an information systems consultant, the “bridge” between users of business information and technology. She applied her extensive experience implementing systems when enhancing business reporting to achieve near "real-time" information and paperless offices. Mary received a Bachelor of Arts degree from Western Illinois University and a Master of Science in Accounting from Wichita State University and holds a permit to practice as a CPA in the state of Kansas.
Skyscapes | March 2011
An Overview of Laws Pertaining to Social Security Number Transmission over the Internet
By Nancy A. Cohen, CPA.CITP, CIPP Senior Technical Manager - Quality Control, Research & Development Specialized Communities & Practice Management, AICPA, Durham, NC With comments by: Melinda L. McLellan, JD Associate Privacy & Information Management Hunton&Williams, New York, NY
DISCLAIMER: The following remarks are provided for informational purposes only, and are not intended as legal or accounting advice. This document has not been approved, disapproved, or otherwise acted upon by any senior technical committees of, and does not represent an official position of the American Institute of Certified Public Accountants, the firm of Hunton & Williams LLP, or the Kansas Society of CPAs. It is distributed with the understanding that the contributing authors and editors, and the publisher, are not rendering legal, accounting, or other professional services and are not creating a client relationship with the reader. If legal advice or other expert assistance is required, the services of a competent professional should be sought.
An e-mail from a KSCPA member: I have heard at both CPE programs and from my tax software vendor that there are 7 states that have passed privacy laws that prohibit the sending of documents containing social security numbers (such as tax returns) by e-mail unless the file is encrypted. They are not talking about passwords, but encryption software. It was reported that California and Arizona are among the seven states; however, I don’t know the other five. Presumably, a Kansas CPA could unknowingly violate this law by sending a tax return by e-mail to a retired client in another state. Have you heard of this? We asked Nancy A. Cohen, CPA.CITP,CIPP and Melinda McLellan, JD to respond.
Nancy’s Response: Laws requiring companies and/or state agencies to disclose to consumers security breaches involving personal information are currently enacted in 46 states, the District of Columbia, Puerto Rico, and the Virgin Islands. [Click here for a link to these laws on the AICPA website.] More than 30 states have laws limiting how Social Security numbers (“SSNs”) can be collected, used, and disclosed. These vary from state to state. Nancy Cohen Below is a list of states that prohibit entities from requiring individuals to not send SSNs over the Internet unless they are encrypted. The list is based on current research and may not be completely up-to-date. Members should seek legal advice as each state law has its subtle differences. 12
Note that this list of state laws deals with the protection of social security numbers as it relates to the request by an organization from an individual and is different from the states that require encryption of the transmission of personal information - which at this point is only Nevada and Massachusetts. However, when you look at the breach notification laws of the other states - if there is a breach, and that data is not encrypted –then the organization is liable. Nevada and Massachusetts are the only states that require encryption straight out – the others have exceptions when encryption is to be used. Regardless of whether there is a state law requiring encryption, best practices advise that social security numbers or personally-identified information never be e-mailed. Consideration should be given to using a portal between the client and the tax preparer. [Click here] for a link to an article in the Journal of Accountancy on the topic of client portals.
Melinda’s Response: There are two states, Massachusetts and Nevada, that have laws that explicitly require the encryption of certain personal information (including SSNs) when such information is being emailed. Other states may be considering similar laws, or may have laws that require companies to comply with the Payment Melinda McLellan Card Industry Data Security Standard, which pertains to the collection, use and transmission of payment card data. Although California does have a number of strict privacy laws, I am not aware of a California law that specifically requires the encryption of emails containing SSNs. Kansas does not have an encryption law of this nature, nor does Missouri, although both have breach notification laws that may require a business to notify affected individuals if personal information is accessed by an unauthorized party. The Kansas and Missouri breach notification requirements apply only if the personal information involved is not encrypted, so encrypting emails containing SSNs is strongly advised even if it is not legally
mandated. The Massachusetts and Nevada laws apply to businesses that maintain personal information on residents of those states and are not contingent on the location of the business. So, whether or not a business is based in Massachusetts, if it maintains and transmits the personal information of Massachusetts residents via email, then the encryption obligation applies. Given that state laws of this nature are enforced by state attorneys general, the risk of an enforcement action likely is greater for large companies within the state, or national companies with a significant presence in the state. That said, early adapters who implement robust data protection policies and procedures now will benefit down the road as encryption laws and other information security regulations become the norm rather than the exception. For reference, below are links to informational blog posts that outline the Massachusetts and Nevada laws.
[Click for a blog post on Nevada] [Click for a blog post on Massachusetts]
Risk Management Conference May 16 - Overland Park
We are pleased to announce our 2nd risk management conference entitled, “Risk Management Conference – Creating a Risk Intelligent Enterprise: Best Practices in Risk Management and Security & Privacy.” Melinda is a speaker at the conference along with Rick Funston. Register for this conference today. [Click here to register] Skyscapes | March 2011
State Laws: Social Security Numbers Massachusetts and Nevada currently have the strictest encryption laws on the books. Massachusetts – M.G.L. c. § 93H - Every person that owns or licenses personal information about a resident of the Commonwealth and electronically stores or transmits such information shall include in its written, comprehensive information security program the establishment and maintenance of a security system covering its computers, including any wireless system, that, at a minimum, and to the extent technically feasible, shall have encryption of all personal information stored on laptops or other portable devices; and for files containing personal information on a system that is connected to the Internet, there must be reasonably up-to-date firewall protection and operating system security patches, reasonably designed to maintain the integrity of the personal information. Massachusetts law applies to every company that has customers/clients that reside in Massachusetts, regardless of where the company is located. Nevada – SB227 - A data collector doing business in this State shall not transfer any personal information through an electronic, nonvoice transmission other than a facsimile to a person outside of the secure system of the data collector unless the data collector uses encryption to ensure the security of electronic transmission; or move any data storage device containing personal information beyond the logical or physical controls of the data collector or its data storage contractor unless the data collector uses encryption to ensure the security of the information. Nevada’s law does not clearly define what doing business in the state entails. Other states may have requirements for business to protect personal information. For example, California requires businesses that own or license personal information about Californians to provide reasonable security for that information. In this context, the Nevada encryption law above is unique in mandating the use of a particular security measure, rather than simply “reasonable” security procedure. The state laws mentioned below are regarding the protection of Social Security Numbers. These states specifically mention the use of encryption with respect to the request of social security numbers by electronic transmission by the entity from the consumer, which is different from the tax preparer sending email containing social security numbers. Alaska – A.S. § 45.48.400 - A person may not require an individual to transmit the individual’s social security number over the Internet unless the Internet connection is secure or the social security number is encrypted. Arizona – Rev. Stat. § 44-1373. A person or entity may not require the transmission of an individual›s social security number over the internet unless the connection is secure or the social security number is encrypted. Arkansas – Ark. Code Ann. § 4-86-107 - A person may not require an individual to transmit his or her social security number over the Internet unless the connection is secure or the social security number is encrypted. California – Cal. Civil Code § 1798.85. A person or entity, not including a state or local agency, shall not require an individual to transmit his or her social security number over the Internet unless the connection is secure or the social security number is encrypted. Colorado – Colo. Rev. Stat. § 6-1-715 - A person or entity may not require an individual to transmit his or her social security number over the internet, unless the connection is secure or the social security number is encrypted. Connecticut – Conn.Gen. Stat. § 42-470 - No person shall require an individual to transmit such individual’s Social Security number over the Internet, unless the connection is secure or the Social Security number is encrypted. Georgia – O.C.G.A. § 10-1-393.8 – A person, firm, or corporation shall not require an individual to transmit his or her social security number over the Internet, unless the connection is secure or the social security number is encrypted. Hawaii – Haw. Rev. Stat. § 487 J-2 - A business or government agency may not require an individual to transmit the individual’s entire social security number over the Internet, unless the connection is secure or the social security number is encrypted. For purposes of this paragraph, “encrypted” means that an algorithmic process has been used to transform data into a form in which the data is rendered unreadable or unusable without the use of a confidential process or key. 14
Illinois - § 815 ILCS 505/2RR - A person may not require an individual to transmit his or her social security number over the Internet, unless the connection is secure or the social security number is encrypted. Maryland – Md. Code Ann. Com. Law § 14-3402 - A person may not require an individual to transmit the individual’s Social Security number over the Internet unless the connection is secure or the individual’s Social Security number is encrypted. Michigan – Mich. Comp. Laws § 445.81 - A person shall not intentionally do any of the following with the social security number of an employee, student, or other individual: Require an individual to use or transmit all or more than 4 sequential digits of his or her social security number over the internet or a computer system or network unless the connection is secure or the transmission is encrypted. Minnesota – Minn. Stat. § 325E.59 A person or entity, not including a government entity, may not require an individual to transmit the individual’s Social Security number over the Internet, unless the connection is secure or the Social Security number is encrypted. Missouri - § 407.1355. 1 - A person or entity, not including a state or local agency, shall not require an individual to transmit his or her Social Security number over the Internet, unless the connection is secure or the Social Security number is encrypted. New Jersey – NJ Stat Ann. § C.56:8-164 - No person, including any public or private entity, shall require an individual to transmit his Social Security number over the Internet, unless the connection is secure or the Social Security number is encrypted. New Mexico – N.M. Stat. Ann. § 57-12B-1 et seq. - A person shall not make the entirety of a social security number available to the general public. This prohibition includes requiring use of a social security number over the internet without a secure connection or encryption security. New York – NY Gen. Bus. Law § 300-dd - No person, firm, partnership, association or corporation, not including the state or its political subdivisions, shall require an individual to transmit his or her social security account number over the internet, unless the connection is secure or the social security account number is encrypted. North Carolina – NC Gen. Stat. § 75-62 – A business may not require an individual to transmit his or her social security number or any portion thereof of six digits or more over the Internet, unless the connection is secure or the social security number is encrypted. Pennsylvania – S.B. 601 - A person or entity or State agency or political subdivision shall not require an individual to transmit his or her Social Security number over the Internet unless the connection is secure or the Social Security number is encrypted. Oklahoma – Stat. tit. 40. §173.1 - Any employing entity located in this state shall not require an employee to transmit their social security number over the Internet, unless the connection is secure or the social security number is encrypted. Relates to Employment Law. Rhode Island – R.I. Gen. Laws § 6-48-8 - A person or entity, including a state or local agency, may not require an individual to transmit his or her social security number over the Internet, unless the connection is secure or the social security number is encrypted. South Carolina – S.C. Code § 37-20-180 - A person may not require a consumer to transmit his social security number or a portion of it containing six digits or more over the Internet, unless the connection is secure or the social security number is encrypted. Texas - Tex. Bus. & Com. Code Ann. § 501.001 - A person, other than a government or a governmental subdivision or agency, may not require an individual to transmit the individual’s social security number over the Internet unless the Internet connection is secure; or the social security number is encrypted. Vermont – 9 V.S.A. § 2440 – A business may not require an individual to transmit his or her Social Security number over the internet unless the connection is secure or the Social Security number is encrypted.
Skyscapes | March 2011
FROM THE AICPA
AICPA Top Technology Initiatives for 2011 Survey Results Released
Surging Business Use of Mobile Devices is Top Business IT Challenge The proliferation of smartphones, tablet computers and mobile devices in the workplace emerged for the first time as the top business technology concern for CPAs and financial executives, according to the 2011 Top Technology Initiatives Survey by the American Institute of Certified Public Accountants. The 22nd Annual AICPA Top Technology Initiative survey, shows control and use of mobile devices was the number one challenge for IT professionals. The finding was based on responses from nearly 1,400 CPAs nationwide specializing in information technology. In addition to mobile devices, the survey signaled future IT issues will revolve around
implementation of touch-screen technology, deployment of faster networks and voice recognition technology. “The surging use of smartphones and tablets means people are doing business, exchanging sensitive data wherever, whenever they want to,” said Ron Box, CPA/CITP, CFF. “The technology is advancing so rapidly that the capabilities for controlling and protecting the information on mobile devices is lagging behind. What was once as simple as losing your phone, could now create an enormous security risk for organizations.” “Driving business value while managing risk means using technology solutions like
encryption and asserting policy controls over what you can and can’t do remotely,” said Joel Lanz, CPA/CITP, CFF. “This is forcing IT professionals to think anew about how to manage networks and will now require a whole new level of communication with users.” “This year’s results revealed a sharp focus on IT value - return on investment - coupled with unceasing attention to data security,” Box said. Mobile devices are receiving more attention as technological advancement shifts productivity tools from desktops to pockets amid increasing reliance on mobile applications. According to researcher Gartner Inc., some 117 billion applications will be downloaded to mobile devises worldwide by the end of this year.
Top Technology Initiatives 2011 ranking:
information officers. The top five mostly likely are: • •
Is our information security policy adequate? Are we ensuring that our data and technology resources are protected against hacking, viruses or other compromises? Are our current internal controls and IT governance policies and procedures effective? How can we best implement document retention and e-discovery policies? Can our data remain safe if we utilize cloud computing/software as a service (SaaS) services?
Looking over the horizon more than a year from now, CPAs were asked for the first time in this survey to predict the technologies they foresee rising in importance. The top future technologies are:
Control and Use of Mobile Devices
Implementation of voice recognition
Data Retention Policies and Structure
Deployment of faster 100GB LAN networks
Staff and Management Training
Digital signage and displays
Process Documentation and improvements
Introduction of Internet Protocol version 6 (IPv6)
Saving and Making Money with Technology
Technology Cost Controls
Project Management & Deployment of New Technology
The Top Technology Initiatives survey was conducted electronically among AICPA members from Jan. 13 to Jan. 26. With 1,397 responses, the margin of error was plus-orminus 2.6 percentage points. Complete survey results are available online.
The survey asked CPAs to identify the top technology questions asked by audit committees, chief financial officers and chief Skyscapes | March 2011
Busy Season Stress Relief
Think Spring Click Here for a Stress Relief 2-minute Video 18
Legislative Reception - January 27, 2011
Skyscapes | March 2011
KSCPA Holds First Session of 2011 “20 up to 40” Leadership Program Trisha Spader, Young Professionals Committee Chair
Walking to the Statehouse.
Meet and Greet at the KSCPA office.
Inside the Statehouse tunnel. At the House.
PAST EVENTS Scavenger Hunt at the Statehouse.
Education on Legislation.
At the Governorâ€™s desk.
At the Senate. Touring the Kansas Department of Revenue.
Skyscapes | March 2011
How to Register for CPE on KSCPA’s New Website In late January, the KSCPA launched its new website. One new feature of the website is complete online registration. Members can now register for courses, conferences, and chapter meetings plus submit payment all online. To register for these events, simply follow these steps.
Step 1: Log-In To guarantee you are receiving member pricing, make sure to log-in to the website. If you have not been to the website since the new one launched, use the e-mail address you have registered with the KSCPA and your member ID number. If you don’t know what either of these are, contact the KSCPA at 785.272.4366.
Step 2: Click on Professional Development The Professional Devlepment section is your go-to place for all your CPE needs. Search the complete listing of KSCPA-sponsored courses and conferences, view available alternative CPE options, sign-up to be a course administrator, catch up on CPE regulations, and read the KSCPA CPE policies.
Step 3: Access the Course Calendar Click on “Conferences & Courses” listed in the far right column of the Professional Development page to access the course calendar. Here you can scroll through the entire listing of courses or you can narrow your options by adding search criteria.
Step 4: Select a Course Scroll through the list of course and conference offerings and select the course or conference that best fits your needs. Once you click on the course, you will be able to view all the details regarding the course, including the recommended number of CPE credits, the instructor, knowledge level, vendor, course description, course objectives and course highlights. This is also where you will be able to continue the registration process. 22
CONFERENCE NEWS Step 5: View Registration Fees After you have selected your course and have decided you want to register, double check the registration fees to ensure you are getting the correct fee. To receive the member fee, you must be a member in good standing and logged in. If you are not logged in you will not receive the member fee. If you are logged in and still not receiving the correct fee, call the KSCPA at 785.272.4366.
Step 7: Review Your Cart
Step 6: Click Add to Cart After verifying your registration fees, click “Add to Cart.” This will take you to a new page called, “Cart.” Anatomy of Your Cart Click the “X” at any time before submitting payment to remove an item from your cart. Course/Conference/Event name Registration Fee The link to return to listing of courses and conference to add more to your cart. The information we have on file for you. The link to the page where you can edit the information we have on file for you.
Step 8: Submit Payment Complete the fields with the appropriate information. Then, click “Pay Now.”
Layout compiled by Lauren Tice. Have questions? Contact Lauren at 785.272.4366 or firstname.lastname@example.org.
Skyscapes | March 2011
KSCPA Governmental & Nonprofit Accounting & Auditing Conference
“Transforming the Challenges into Opportunities”
May 17 – 18, 2011 ♦ Hilton Wichita Airport Members: 2-day $280 / 1-day $140 – Non-Members: 2-day $310 / 1-day $170 Bruce R. Hopkins, JD: “The Law of Tax Exempt Organizations” Jeff Lanza, Retired FBI: “Facing Up to Fraud in Challenging Times” Brad Bechtel, CPA: “Employee Benefits: The Options & How We Get There” Alan W. Anderson, CPA: “Why Your Government Needs Enterprise-wide Risk Management” Steve Anderson, CPA: “Good Data Makes Good Decisions” Mark W. Dick, CPA: “Accounting and Auditing Update for Non-profit and Government”
And Others in Break-out Sessions Click Here to Register – 16 Hours of CPE KSCPA Risk Management Conference
“Creating a Risk Intelligent Enterprise: Best Practices in Risk Management and Privacy & Security” May 16, 2011 ♦ Ritz Charles Overland Park Members: $195 – Non-Members: $225
Rick D. Funston (Retired Deloitte): “Creating Strategies Using Risk Intelligence During Undertain Times” Melinda L. McLellan, JD, Hunton&Williams: “A Primer on Identifying, Evaluating, and Managing Risks Associated with Privacy and Security Practices”
Click Here to Register – 4 Hours of CPE
KSCPA Wealth Management Conference
“Strategies for Long-term Growth” May 16, 2011 ♦ Ritz Charles Overland Park Members: $200 – Non-Members: $250
Jerry Bell, JD: “Preserving Wealth with Asset Protection Planning” & “Inherited IRAs vs Retirement Trusts” Mark Carnes, CFP: “Financial Planning with Money Guide Pro” Kenneth Kinsey, CFP: “Understanding Social Security to Create Effective Enrollment Strategies” Bill Bins, CFP: “Preserving Wealth with Long-term Care Costs” Gerry Steffes, CPA, CFP: “Economic Update & Current Trends” & “Asset Allocation Strategies for Secular Bull & Bear Market Trends”
Click Here to Register – 8 Hours of CPE
KSCPA Young Professionals Conference
“Leadership Now! Building Relationships, Achieving Results, and Navigating Change” May 18, 2011 ♦ Hilton Wichita Airport Members: $100 – Non-Members: $125 Rich Drinon, Drinon & Associates Inc.
Click Here to Register – 4 Hours of CPE
Mark Your Calendar! Events
Kansas Legislative Update
Risk Management Conference
January 27, 2011 - Topeka
May 16, 2011 - Overland Park
Wealth Mgmt Conference
January 27, 2011 - Topeka
May 16, 2011 - Overland Park
AICPA Regional Meeting of Council
Governmental & Non Profit Accounting & Auditing Conference
March 17, 2011 - Chicago March 21, 2011 - Atlanta
Leadership Summit & Issues Update with Jim Metzler
May 17-18, 2011 - Wichita
Young Professionals Conference
May 19, 2011 - Wichita
May 18 2011 - Wichita
AICPA Spring Meeting of Council
Conference on KS Taxes
May 22-24, 2011 - Washington, D.C.
KSCPA Board Retreat
June 27, 2011 - Topeka
July 22, 2011 - Oklahoma City, OK
August 10, 2011 - Wichita
AICPA & CPA/SEA Leadership
Business Valuation Conference
October 15-17, 2011 - Phoenix, AZ
AICPA Fall Meeting of Council
October 17-19, 2011 - Phoenix, AZ
October 21, 2011 - Overland Park
Women to Watch Conference & Luncheon September 16, 2011 - Wichita
Annual Meeting Opening Reception November 15, 2011 - Overland Park
61st Annual Tax Conference Nov. 17-18, 2011 - Overland Park
Issues Update & Annual Meeting
Heartland Technology Conference
November 16, 2011 - Overland Park
December 15-16, 2011, Overland Park
To view more details, click on any event or conference or visit www.kscpa.org.
Designed for the profession, by the profession. SM
Skyscapes |www.kscpa.org March 2011 25
FROM THE DEPARTMENT OF REVENUE
KSCPA Executive Director Interviews Secretary of Revenue Nick Jordan Appointed by Governor Sam Brownback in 2011, Secretary Jordan spent 30 years in the travel and tourism industry, was Marketing Director of the Great American Hotel Corporation, and founding President of the Overland Park Convention & Visitors Bureau. Secretary Jordan entered politics in 1995, filling the seat of a state senator and subsequently being elected to three full terms. Secretary Jordan is a life-long Kansan and resides in Shawnee. The interview reviews Secretary Jordan’s extensive business, civic, and political background as well as the administration’s economic growth policy and how this translates to tax policy. Secretary Jordan discusses the operations of his Department and how CPAs can help the Department and the Kansas Legislature formulate the future of Kansas business.
[Click here to watch the full interview.]
FROM THE IRS
When Disaster Strikes, Volunteer
hose affected by a catastrophe like the destruction in Greensburg, Kansas, from an F5 tornado that struck the town on May 4, 2007, know that disaster can strike anyone, anytime, and in any way. In the case of tornadoes, Kansas is always at risk. The impact of the unanticipated earthquake and tsunami in Japan is only beginning to unfold. Without contributions and volunteers willing to help, this kind of dramatic recovery would not be possible. Check out Greensburg today! The IRS asked the KSCPA to commit to serve as a sponsor in the IRS Volunteer Disaster Assistance and Emergency Relief Program, and the governing body of the KSCPA agreed. As a sponsor, the KSCPA will provide a point of contact that is accessible at all times to coordinate with local IRS Stakeholder Liaison for assignment of volunteers to staff Federal Emergency
Management Agency (FEMA) disaster recovery centers or other tax assistance centers established by IRS. The KSCPA will provide the following up to date contact information to the IRS: Name, Title, Address, E-mail, Phone, and Fax and attend meetings to review the procedures under this agreement.
Please Review and Consider Signing Up for the IRS Volunteer Service Agreement The KSCPA is currently seeking volunteers to sign an agreement for a one-year period to provide service at Federal Emergency Management Agency (FEMA) Disaster Recovery Centers or other tax assistance centers established by the IRS, on a volunteer basis without reimbursement for out-of-pocket expenses. Skyscapes | March 2011
Find the News on KSCPA’s Website The KSCPA keeps its ear to the rail to ensure our members stay current with what’s happening in the profession. To provide members with the latest news from reliable sources, we have created a news section on the new website. News from reliable sources such as the AICPA, IRS, Kansas Department of Revenue, and many others is located in several places on the website. See below where you can find the latest news.
On the Homepage
NEWS provides the most recent news that has been posted to the KSCPA website. This news is provided by the AICPA, the IRS, the Kansas Department of Revenue, and many other reliable sources. Click on “all news” to view all news, including archived news, and to search the news by source. KSCPA “TV” provides all the latest news related to the KSCPA. The most recent issue of Skyscapes, “Minute with Marlee,” “20 up to 40,” and more are all added to this section of the homepage.
On the NEWS page Access the “NEWS” page by clicking “all news” on the homepage or clicking the “About” tab then “News.”
Sort the news by the source. Click on any of the tabs listed here to view the most recent news plus any archived stories.
KSCPA Eliminates Post Office Box The KSCPA is no longer receiving mail at its P.O. Box. Please update your records to ensure the KSCPA receives your mail. Our address is:
Kansas Society of CPAs 100 SE 9th Street, Suite 502 Topeka, KS 66612-1213
KSCPA Gets Connected Follow us on Twitter!
@KSCPA team features tweets about breaking news, daily activities from around the office, fun facts and trivia, stress relief tips, and much more! @KansasCPE features tweets about KSCPAâ€™s Professional Development program. Follow us to get updates on upcoming courses and conferences as well as any news related to the program.
Skyscapes | March 2011
KSCPA Presents at Beta Alpha Psi Meeting
Lauren Tice, marketing and communications manager for the KSCPA, presented “Communicating Effectively” to a group of Beta Alpha Psi members at Wichita State University on March 4. The group examined the transaction model of communication in order to understand how communication works to be able to effectively communicate with a variety of audiences. Lauren is available to present on a variety of communication topics. To schedule a her for your next meeting, contact Lauren@kscpa.org.
KSCPA to Visit Area Campuses with CPA Panel Coming to a Campus near You 3/30: Tabor College 4/01: Emporia State University 4/28: Fort Hays State University 9/30: University of Kansas Don’t see your alma mater scheduled? Don’t worry; we’re still in the process of scheduling other campus visits! However, we’re always open to suggestions. Submit yours to email@example.com.
As part of last year’s “20 up to 40” class project, participants organized campus visits as a way to increase value for student members. Each campus will be visited by a three- to four-person panel of CPAs from a variety of areas (e.g. business and industry vs. public practice; tax vs. audit, etc.) to provide insight into the different aspects of the profession. Panelists will answer a list of questions prepared by Lauren Tice, marketing and communications manager, who will serve as moderator. The questions will explore each panelist’s journey to becoming a CPA, details of their current position, and advice they can provide to soon-to-be CPAs. At the end of each panel discussion, students will have the opportunity to ask the panelists any questions they may have.
Volunteers Still Needed! Want to be a panelist? The KSCPA is still looking for CPAs to participate on panels at colleges and universities around Kansas. Sign up for a panel today by contacting Lauren at firstname.lastname@example.org. 30
We Can Make That Deal For You! There are many ways to make a deal work and we know them all. Our reservoir of experience will serve you well whether you are an owner getting what you deserve f o r your practice o r a buyer seeking a new enterprise. Accounting Practice Sales is here to serve you. Call Kathy Brents today!
NORTH AMERICA'S LEADER IN PRACTICE SALES
Kathy Brents, CPA P. O. Box 70 Cleveland, Arkansas 72030 (501) 669.2505 Mobile (501) 514.4928 Fax (501) 669.2291
Stephanie Bolte-Lank, CPA
From the Wichita Eagle: Kori Guy, Abilene, has joined BKD as an intern. She attends Wichita State University. Congratulations, Kori!
Stacy Burkdoll, CPA
Kyle Hawk, CPA
From the Manhattan Mercury: Stacy Burkdoll, Manhattan, has been promoted to Senior Manager with Varney and Associates, CPAs. Burkdoll has worked for the firm since 2008. She has over 11 years of experience preparing income tax returns, financial statements and audits. She received her MBA from Emporia State. Congratulations, Stacy!
Russell R. Carswell, CPA
From the Hays Daily News: Russell Carswell, Wichita, has been promoted to partner with Adams, Brown, Beran & Ball. Carswell has worked for the firm since 2003. He joins Steve Howard as the partner in the firm’s Wichita office. He graduated from McPherson College with a bachelor’s degree in accounting. Congratulations, Russell!
Erin Dunlap, CPA
From the Manhattan Mercury: Erin Dunlap, Manhattan has been promoted to Senior Manager with Varney and Associates, CPAs. Dunlap has worked for the firm since 2004. She specializes in accounting and taxation. She is a certified QuickBooks professional advisor, providing setup, consulting and support to clients. She graduated from Kansas State University with a Masters of Accountancy. Congratulations, Erin!
Kate Grant, CPA
From the Wichita Eagle: Kate Grant, Wichita, has been promoted to audit manager for Kirkpatrick, Sprecker. She was a graduate from the 2010 “20 up to 40” program at the KSCPA. Congratulations, Kate! 32
From the Salina Journal: Stephanie Bolte-Lank, Salina, has passed the Certified Construction Industry Financial Professional exam, obtaining the CCIFP designation. Bolte-Lank has worked at Kennedy and Coe since 2005. She is a senior associate in the firm’s Salina office. She graduated from Midland University in Fremont, Neb. with a bachelor’s degree in accounting. Congratulations, Stephanie!
Jason Hamlin, CPA
From the Wichita Eagle: Jason Hamlin, Wichita, has joined the assurance department of Allen, Gibbs & Houlik as the department of assurance. Congratulations, Jason!
From the McPherson Sentinel: Kyle Hawk, McPherson, has successfully completed the certification process with the Middle Market Investment Banking Association and its affiliate, the National Association of Certified Valuation Analysts to earn the Certified Merger and Acquisition Professional designation. He is the managing member of Swindoll, Janzen, Hawk & Loyd, LLC. Congratulations, Kyle!
Jason L. Mayers, CPA
From the Hays Daily News: Jason Mayers, Great Bend, has been promoted to partner with Adams, Brown, Beran & Ball. Mayers has worked for the firm since 2003. He holds Series 7 and 68 licenses as a financial adviser. He graduated from Kansas State University with a bachelor’s degree in accounting and financial services, with a minor in economics. Congratulations, Jason!
Brian McGuire, CPA
From the Wichita Eagle: The Starkey Foundation has announced that Brian McGuire, Wichita, has joined the foundation’s board of directors. McGuire is an individual practitioner. Congratulations, Brian!
Justin Minchow, CPA
From the Manhattan Mercury: Justin Minchow, Wichita, has joined Sink, Gillmore and Gordon LLP, Public Accountants as a manager. He graduated from Kansas State University with a Masters of Accountancy. Congratulations, Justin!
Andy Prescott, CPA
From the Manhattan Mercury: Andy Prescott, Manhattan, has been promoted to Senior Manager with Varney and Associates, CPAs. Prescott has worked for the firm since 2004. He has eight years of auditing experience. He is the lead auditor at the firm. He performs audits of financial institutions. Prescott is also a certified information systems auditor, performing information technology reviews for clients. He earned a Master of Accountancy from Kansas State University. Congratulations, Andy!
Lynn Rottinghaus, CPA
From the Wichita Eagle: Lynn Rottinghaus, Wichita, has been promoted to audit supervisor for Kirkpatrick, Sprecker & Co. Congratulations, Lynn!
Jenni Sanders, CPA
From the Wichita Eagle: Jenni Sanders, Wichita, has been promoted to senior accountant at BKD. Congratulations, Jenni!
Kimberly Sheahan, CPA
From the Kansas City Business Journal: Kimberly Sheahan, Lenexa, has joined House Park and Dobratz PC as a staff accountant. Sheahan focuses on taxation, tax planning and bookkeeping. Congratulations, Kimberly!
Sam Williams, CPA
From the Wilson County Citizen: Sam Williams, Wichita, has been appointed to the “Blue Ribbon Commission.” The commission will conduct an intensive review of state court operations and structure. Williams is a managing partner at Sullivan, Higdon & Sink in Wichita. Congratulations, Sam!
In Memoriam Don Diederich
June 22, 1950 – January 23, 2011 William Dorsett Trahan 2/5/1941 – 2/7/2011
Our deepest sympathies
MEMBERS IN THE NEWS Grant Thorton to Expand From the Wichita Eagle
Grant Thorton, one of the largest public accounting firms plans to double its business in the next five years. CEO Stephen Chipman said that this expansion will be possible through acquisitions. Chipman said he thought that consolidation activity will increase because of the recession. This consolidation would allow Grant Thorton to acquire quality organizations to reach its expansion goal. Chipman visited Wichita on January 20, meeting with the Wichita firm’s partners and key clients. Chipman also took part in World Trade Council of Wichita speaking events. Grant Thorton has a Wichita office that employs 62 people. Grant Thorton international has 500 offices in 100 countries. Three key industries Grant Thorton serves are consumer and industrial products, technology and nonprofit organizations.
Mapes & Miller CPA’s From the Advocate of Phillips County
Mapes & Miller CPA’s received a “Business of the Year” nomination for the Phillipsburg Area Chamber of Commerce’s Chamber awards.
Steffes Financial, LTD. Receives Recognition From KC Business Magazine
Steffes Financial, LTD. has been acknowledged as one of Kansas City’s Best Wealth Managers by KC Business Magazine. KC Magazine and KC Business subscribers surveyed consumers to see who scored highest in overall client satisfaction. The survey recipients could only score those companies they had a personal experience with. After the surveys were completed, each wealth manager was reviewed for regulatory actions, civil judicial actions, and customer complaints as reported by the Financial Industry Regulatory Authority and other regulatory agencies. Once the mangers were reviewed, the list was finalized through a blue-ribbon panel. The resulting list of 2011 FIVE STAR Wealth Managers represents less than 5 percent of the wealth mangers in Kansas City. Steffes was one of the 280 top-scoring wealth managers. Congratulations!
L. Gary Boomer, Jim Boomer Named Among the Top 25 Thought Leaders From CPA Technology Advisor L.Gary Boomer and Jim Boomer, both of Boomer Consulting, Inc. were named among the Top 25 Thought Leaders by CPA Technology Advisor during a symposium in February. The public accounting industry’s most diverse and influential individuals [met] on February 20-22 at The Gaylord Texan Resort to participate in The CPA Technology Advisor’s Top 25 Thought Leader Symposium. This first-of-itskind event [was] sponsored by CCH, a Wolters Kluwer business; Sage; and Thomson Reuters. The 25 thought leaders are distinguished in their own right with several who have been named to the 100 Most Influential People in Accounting list, IPA’s Top 10 Most Recommended Consultants list, the American Institute of CPA’s Technology 100 as well as earning lifetime achievement awards. “Without a doubt, technology and thought leadership are the driving forces of change for public accounting practices across the country,” says Executive Editor Darren Root, a practicing CPA based in Bloomington, Indiana. “This Symposium [brought] together the greatest influencers in adopting the technologies needed to advance the profession in the years to come.” Topics [discussed ranged] in scope from strategic planning, technology, risk management, performance, microcomputing accounting systems, profitability, organizational growth, emerging technologies, public accounting trends, start-up tips, social media outreach, tax, audit, client services, green accounting, accreditations, measurement, software solutions, and workflow.
[Click here] to view all 25 Thought Leaders named by CPA Technology Advisor.
Skyscapes | March 2011
NEW MEMBERS OF THE KSCPA
CPA Members >>> Craig Bezdek Seaboard Corporation Shawnee Mission, KS
Hollie Gulick Kenneth L. Cooper, Jr., CPA Wellington, KS
Kara Kopper Kennedy and Coe, LLC Garden City, KS
Jennifer Sanders BKD, LLP Wichita, KS
Whitney Brown Brungardt Hower Ward Hays, KS
Michele Hammann SS & C Business & Tax Services, Inc. Lawrence, KS
Christine Keltner Kennedy & Coe, LLC Wichita, KS
Gerald Capps Allen Gibbs & Houlik, L.C. Wichita, KS
Susan Harder Knudsen Monroe & Company, L.L.C. Newton, KS
Nicholas Maese Waddell & Reed Shawnee Mission, KS
Matt Spillman Kansas Alliance for Biorefining & Bioenergy Wichita, KS
Patricia Clark Griffith University Queensland, Australia
Kyle Hart BKD, LLP Wichita, KS
James Martin BKD, LLP Kansas City, MO
James Farmer James J. Farmer, CPA Ulysses, KS
Kyle Heincker BKD, LLP Wichita, KS
Casey McMillian BKD, LLP Wichita
Sarah Feldt Smoll & Banning, CPAs, LLC Dodge City, KS
Stephen Heimsoth Varney & Associates, CPAs, L.L.C. Manhattan, KS
Kathryn Midyett Regier Carr & Monroe, L.L.P. Wichita, KS
Lynn Fountain Fountain GRC Services, LLC Overland Park, KS
Matthew Hollowell Johnson Duncan & Hollowell, L.L.P. Wichita, KS Affiliate
Kyle Nagy KMN Enterprises LLC Kansas City, Mo
Marc Fountain Fountain & Associates, LLP Kansas City, MO Mia Frommelt Overland Park, KS Jonathan Garrett BKD, LLP Wichita, KS
Timothy Johnson BKD, LLP Wichita, KS Darren Kay Ernst & Young, LLP Kansas City, MO
Joel Perkins KPMG, LLP Kansas City, MO Terrell Rohr INVISTA Wichita, KS
Malinda Thimmesch US AgBank Wichita, KS Brian Thompson Mapes & Miller, CPAs Norton, KS Randy Tongier Randy Tongier, CPA Lawrence, KS Danielle Werner BKD, LLP Wichita, KS Casey Woltje CBIZ MHM LLC Leawood, KS Anthony Worthington BKD, LLP Wichita, KS
Student Members >>>
Sammy Althalathini Pittsburg State University
Zilong Deng Pittsburg State University
Rachel Harris Pittsburg State University
Kate Minton Pittsburg State University
Elizabeth Ryan Pittsburg State University
Joshua Ast Pittsburg State University
Keisha Dickerson Chesapeake, VA
Kathryn Hauser Pittsburg State University
Natasha Oliver Pittsburg State University
Amy Slane Pittsburg State University
Olivia Baldwin Pittsburg State University
Timothy Enayati Pittsburg State University
Cassandra Healy Pittsburg State University
Esther Thuo Pittsburg State University
Melissa Brown Pittsburg State University
Mary French Pittsburg State University
Darla Irwin Pittsburg State University
Tiffany Preston Pittsburg State University Julian Rios Emporia State University
Jessica Catron Pittsburg State University
Emily Hales Wichita State University
Nichole King Pittsburg State University
Phillip Daniels Pittsburg State University
Jason Hall Pittsburg State University
Wendy DeLeon Pittsburg State University
Derek Haller Pittsburg State University
Zach Rhine Pittsburg State University
Wen Ting Tsai Pittsburg State University Haimeng Yang Pittsburg State University
Mary MacBain Presents KSCPA Strategic Plan to Wichita Chapter - February 17, 2011 In addition to the presentation of the KSCPA strategic plan, Gary C. Allerheiligen, Chair of the KSCPA Legislative Executive Committee, discussed his recent experience testifying at the taxation committees at the Kansas Statehouse on the Expensing Provision. Gary led the Legislative Executive Committee in developing testimony and proposing amendments to the bills which were subsequently incorporated into the final house and senate bills. Gary is also Immediate Past President of the KSCPA and a member of the Wichita Chapter.
Skyscapes | March 2011
Ready to Sell? Want to Buy? Let Accounting Practice Sales make it quick and easy! Available Listings: Wichita Gross $130k; Wichita (CPA Firm w/audit) Gross $127k; NW KS Gross $ 101k; New: Raymore, MO Gross $145k. To find our more about our risk-free and confidential services, call Kathy Brents, CPA at 501-669-2505 or email kathy@accountingpracticesales. com. Also, visit us at www.accountingpracticesales.com.
Controller S and Y Industries is a rapidly growing contract manufacturer in Winfield, Ks. We are seeking a talented Controller with BS in Accounting and at least five years of recent and continuous experience in the same or similar role. Strong job costing experience is a must. If you are looking for a challenging opportunity with a dynamic team, call Debbie or email your resume today! 620.221.4001 email@example.com
Successful, diversified, growing company located in Great Bend, KS is seeking an experienced Controller. Responsibilities include all phases of accounting, general ledger, financial statement analysis; manufacturing cost accounting; preparing financial reports for management decision making; leading and developing a team of Accountants and the Human Resources function. Position requires a Bachelors Degree in Accounting, with 3 + years of accounting experience. 2 years experience as a Controller with supervisory experience preferred. Strong communication skills, team building and proficiency in QuickBooks and Excel required. CPA certification and manufacturing accounting experience is a plus but is not required. EOE Send resume and salary requirements to: Rob Southern Kennedy and Coe, LLC firstname.lastname@example.org
Post a Classified Online!
Have a job opening or internship? Needing to sell something? All classifieds submitted run for 30 days on our website and in the next issue of Skyscapes.
Step 2: Click on the “Classifieds”
Step 1: Go to www.kscpa.org
Step 3: Click “Post a Classified”
Step 4: Scroll down, complete the form, and click “SUBMIT.”
Once your ad has been received, you will be contacted by the KSCPA with the total word count and cost of the ad. Invoices are sent out after the ad has been published in Skyscapes. Questions? Contact Lauren Tice at Lauren@kscpa.org or 785.272.4366.