With COVID-19 changing everyone’s world, firms must develop new ways to work internally and with clients. If you are used to going over the audit report with clients in the office, what’s your plan? If your audit team usually conducts the audit at the client’s office, what’s your plan?
Fortunately, technology enables firms such as yours to continue to offer personalized, exceptional service without being in the same physical space as your client. You don’t even need your team to be together in one office to deliver efficient, high-quality work.
What will it take to get it right in the long run? Here are three tips to get you going:
Tip No. 1 — Invest in a cloud-based ecosystem
Many firms don’t have a complete cloud ecosystem supporting their firm’s accounting and auditing needs. A typical firm’s approach includes a mix of solutions, some cloud-based and some with locally installed software.
Firms generally separate their internal cloud needs from their client-facing cloud needs, adding even more complexity. This may have been out of necessity as much as a deliberate strategy. Until recently, the tools to enable virtual client interaction within the context of an audit, review or other engagement have largely been separated from the typical engagement management and methodology tools those same firms use. Unfortunately, enabling a virtual audit is no longer a “nice to have” feature for firms — it’s the minimum standard.
For example, clients used to delivering audit reports in person may desire or require a virtual alternative. Clients used to spending time in their location as an audit team may expect a virtual alternative. They expect you to know how to do these things (and do them well). So, invest in a cloud ecosystem for all parties involved. Get this right, and you not only gain efficient client interactions but deliver excellent value to your clients who expect you to lead them in a more remote-friendly way.
Tip No. 2 — Standardize tools and processes through technology
For many firms, systems built for auditing are the catch-all solution for any financial statement-related service. For firms who only do audits, this can work out fine. But what about when you have prep, comp or review work to do?
From data shown on this infographic, a CPA.com survey from 2019 found that preparation, compilation and review engagements tend to be “overworked” (e.g., performing more work than is required for the service level) by most firms, such that a review includes some audit-level work, a compilation includes review tasks and so on. Ninety-eight percent of firms admitted to at least one engagement being overworked. This is an issue with firms that tend to struggle to shift between service levels, a problem the systems being used magnifies. Doing unneeded, “extra” work doesn’t just eat into your margins — it adds liability risk when you do something the firm was not contracted to do in an engagement. But isn’t it challenging to “right-size” each engagement when you are bouncing back and forth between these various levels of service?
The idea of using a different system to approach each service level concerns many firms. But, if you look at how dramatically different the needs are for these various levels of engagement (and how easily “overworking” becomes the norm), it makes sense to consider how your system can help you align to the scope of each service level.
Nobody wants a review to turn into a “mini audit”, right?
Tip No. 3 — Understand and configure your cloud-based service provider’s security options
You may have seen or heard the somewhat recent news that Zoom had some security flaws exposed in its virtual meeting service. As a result, Zoom had to pivot quickly to address these concerns with a platform update. If you look closely at what happened, you’ll see that many of Zoom’s security flaws were rooted in the default configuration of meetings, including the lack of a required password for meetings. The lesson here: Everyone has a responsibility to not only understand the security measures in place by the cloud service provider but also to properly configure these cloud-based tools to minimize their own risk.
Once you have done your due diligence in selecting a cloud-based solution provider that you can trust, you must implement this technology in a way that works best for your firm.
Considerations here include:
Get a thorough understanding of how to configure the product through implementation and training services.
Build controls within the product so specific users or user groups only have access to functionality that is pertinent.
Document company policy around the handling of sensitive client data and, where possible, enable corresponding document retention policies within your system.
Improved collaboration, ensuring you have the right tool for each job and keeping security properly prioritized are three important but not mutually exclusive objectives. Incorporating these tips as you adapt and evolve your A&A practice will help you succeed in this remote-working, more-virtual world.