Audits and risk management. Two of the most common challenges faced by finance leaders. On one end, you’re responsible for disclosing information. On the other? Keeping the information under control. Between the two sits the modern CFO, who, with an increasing scope of responsibilities, has to prevent surprises.
Following a recent article on the importance of KPI tracking, the broadening role of the finance organization, and the need for easy to understand reporting, we would today like to pivot our attention to your duty to ensure accuracy and protect data.
Disclosing and Protecting Information: Modern CFO Challenges in Audit and Data Security
Audits are stressful times. Though the goal for those on both sides of the table is for the process to be as quick, painless, and uneventful as possible, the dream of a peaceful audit is rarely achieved. Regardless of this, audits are necessary to the present and future of the firm—ensuring that your company has effective internal controls and well-documented processes.
Additionally, just as one of the goals of the Modern CFO is to share information effectively and efficiently, an important part of the job is to ensure that information only ends up in the right hands. Data security and management is a core function of risk management—and is just one of the many roles that finance has taken on. This raises the question, what steps are you taking and how are you working with the IT team to keep this ever-evolving risk under control?
Increasing Auditability and Making the Process as Efficient as Possible
Even in the wake of COVID, auditors are remaining incredibly resilient, focused, and productive. According to the Controllers Council, the Audit in Action program was launched by the Center for Audit Quality (CAQ) and shows how auditors are staying resilient against the challenges that 2020 has thrown on them. In this, auditors have turned to technology and embraced creativity while maintaining high levels of professional skepticism.
Auditability depends on a business’s financial recording policies and procedures, effective internal controls, and the willingness of a company’s executives to provide its external auditors with requested data and information.
Invest in a System That Can Provide a Complete and Organized View: The first step in achieving a high-level of auditability is having a financial management system with financial records that are complete and organized. For many businesses, a modern cloud ERP system streamlines recording and organizing data, providing actionable information remotely, and allowing complete drilldown to the transactional level.
Automate Mundane and Error Prone Tasks: Some activities provide value. Others simply take time. By automating routine tasks, you eliminate the error-prone nature of hand-keying information into your system. Better yet, automation helps enforce approval authority, ensures regulatory compliance, and provides a complete audit trail of all transactions.
Stay in Communication with the Whole Organization: Audits aren’t only the finance department’s responsibility, they affect the whole business and should be treated as such. This means that you should be including other stakeholders into the process who can share information and input for more value.
Paint a Clear Future: More and more, auditors expect CFOs to take responsibility of accurate forecasting and guidance. Modern financial software with financial reporting and business intelligence tools make it easier for CFOs to provide accurate forward-looking performance, as well as identifying the factors that cause them.
Improve Your Risk Management Skills: The Modern CFO must be aware of and manage risk to the organization in many forms, not just financial risk or regulatory compliance, but also in how the operational aspects of the company are looking. Being able to communicate your metrics requires you to see them. Visibility is critical not only to audits, but to risk management as well.
Delivering Data Management and Security: Keeping Information Flow under Control
On the other end of the spectrum, you also need to focus on keeping the information you have where you need it to be. Keeping data secure is one of those newer roles of the CFO, but regardless of how novel this is, it’s vital. Protecting data can directly affect the bottom line. A breach will cost you not only to fix—but in lost revenue as well.
So what can you do to lock down the data? It starts with knowing where the gaps are. Every company faces a set of universal security challenges, and it’s important to identify the areas that can easily be controlled but pose the greatest threats. Acumatica cites that among the most pressing threats are access to information, mobile device security, and phishing. In their article, they go on to recommend the following:
Develop and support a company-wide security program: Work with the head of IT and other key executives to develop a security policy and plan for the entire organization. This includes ensuring strong passwords, keeping software applications up to date, and making sure network access is secure.
Educate all employees of their role in keeping company assets safe from attack: Develop a program to train all employees about the risks of a data breach and actions they can follow to reduce the risk of attacks.
Enforce user access rights/permissions: Enforce strict limits on who can access sensitive data from the company’s mission critical systems.
Keep your facility and employees secure: Make sure your company is safe not only from computer-based attacks, but from unauthorized entry to the building as well as to sensitive areas of the facility.