Security and Assurance Hot Topics in 2006 Top Technologies List
By Scott H. Cytron, ABC
With the media’s continued emphasis on the extent to which security can make or break a company’s mental and physical state, “Information Security” was once again ranked as this year’s most important technology consideration in the AICPA’s Top Ten Technologies Program. 2006 marks the fourth consecutive year for Information Security to be number one.
Coming in second on the list was “Assurance and Compliance Applications,” representative of the work being done with public company compliance and Sarbanes-Oxley’s Section 404.
Voting for this year’s list was held in November/December 2005. In addition to votes cast by members of AICPA’s Information Technology Member Section, members of ISACA also participated in voting – giving this year’s list the highest numbers ever recorded for participation.
New technologies that appeared for the first time included IT Governance, Privacy Management, and Spyware Detection and Removal.
“Given the continued vulnerability of our clients’ and employers’ IT systems to the human element, ensuring the integrity of the data housed in our systems will always be a fundamental concern to CPAs,” says David Cieslak, CPA.CITP, GSEC, a principal with Information Technology Group, Inc. (ITG) in Simi Valley, Calif., and chair of the AICPA’s IT Executive Committee. “I think it speaks volumes when you realize that not only did the more generally defined ‘Information Security’ once again top the list, but related topics like Privacy and Spyware rated very highly as well.”
One question Cieslak and anyone working on this project always receive is how software vendors can benefit from this information. Cieslak reports it’s “all about how you use the information.”
“From Top Techs, software vendors can gain keen insight into the most important technology issues facing CPAs and other financial professionals,” he says. “Armed with that information, they can make strategic investments to improve product security, utility and overall benefit to the end users.”
AICPA has offered the Top Technologies program to its members since the early ‘80s when voting was done by committee volunteers and other invited professionals through an educationally-oriented learning environment at the University of Arizona-Tucson. However, the Internet’s always-on format, low cost and survey capabilities opened up voting over the last several years to all members of AICPA’s IT-Member Section, which includes members who hold the CITP credential.
As a result – and with the added participation by ISACA – Cieslak reports the Top Technologies program gains momentum, strength and notoriety each year. Most importantly, the list is something that is useful, practical and timely to the accounting profession.
“Top Techs provides helpful insight into the key factors driving technology strategies, budgets and decision-making for the next 12 - 24 months,” he says. “This information is invaluable for a CPA firm or any business wanting to maximize technology. This year’s Top Techs list is the best yet because it represents the feedback and opinions of our largest group of financial and technical professionals.”
In previous years, the AICPA also published what it called “Emerging Technologies” that were voted on by members of the Information Technology Alliance. These were five technologies that were considered “ahead of their time” in terms of implementation or adoption within the accounting marketplace.
For 2006, AICPA decided to forgo this list in favor of promoting the “Honorable Mentions,” or technologies 11-16. These include (in order beginning with number 11) E-mail Filtering (including Spam and Malware scanning Solutions), Outsourcing, Storage & Backup Technologies, Patch & Network Management Tools, and Technology Competency & Effective Utilization.
“Businesses all of kinds will benefit from the information provided by Top Techs; IT strategy and decision-making can be greatly enhanced as priorities are aligned with the most influential technology issues facing businesses today,” says Cieslak.
Here are the top 10 most important technology issues for 2006, along with their definitions. New items for this year are noted as such.
1. Information Security: The hardware, software, processes, and procedures in place to protect information systems from internal and external threats. It includes routers, perimeter firewalls, IP strategy, intrusion detection and reporting, content filtering, anti-virus, anti-spyware, password management, vulnerability assessment, patch management, personal firewalls, wireless security strategies, data encryption, locked facilities and user education.
2. Assurance and Compliance Applications (e.g., SOX 404, ERM): Collaboration and compliance tools that enable various stakeholders to monitor, document, assess, test and report on compliance with specified controls.
3. Disaster and Business Continuity Planning: The development, monitoring, and updating of the process by which organizations plan for continuity of their business in the event of a loss of business information resources due to impairments such as theft, virus infestation, weather damage, accidents, or other malicious destruction. This also includes business continuation and contingency planning.
4. IT Governance: IT governance is a structure of relationships and processes to direct and control the enterprise in order to achieve the enterprise's goals by adding value, while still balancing risk versus return over IT and its processes.
5. Privacy Management: Privacy encompasses the rights and obligations of individuals and organizations with respect to the collection, use, disclosure, and retention of personal information. As more information and processes are being converted to a digital format, this information must be protected from unauthorized users and from unauthorized usage by those with access to the data. This includes complying with local, state, national and international laws.
6. Digital Identity and Authentication Technologies: A way to ensure users are who they say they are—that the user who attempts to perform functions in a system is in fact the user who is authorized to do so. This includes hardware and software solutions that enable the electronic verification of a user’s identity or a message’s validity, for example, digital certificates. This technology includes the use of bar codes, magnetic stripe, biometrics, tokens and access control for authentication, non-repudiation, and authorization.
7. Wireless Technologies: Connectivity and transfer of data between devices via the airwaves, i.e. without physical connectivity. Wireless technologies include Bluetooth (PAN), infrared, WiFi (802.11 WLAN), Wi-Max (802.16), 2.5G & 3G (WWAN) and, satellite.
8. Application and Data Integration: Using current and emerging technologies, including .NET, web-services, Java, XML (the foundation for XBRL) and Ajax, to facilitate integration of data between heterogeneous applications. In its most basic format, XBRL focuses on the agreement to improve gathering, analyzing and sharing business reporting data. For example updating a field in one application and have it automatically synchronize with other applications. This allows organizations to select and seamlessly integrate “best of breed” applications.
9. Paperless Digital Technologies: Document and content management includes the process of capturing, indexing, storing, retrieving, searching, and managing documents electronically including database management (PDF and other formats). Knowledge management then brings structure and control to this information, allowing organizations to harness the intellectual capital contained in the underlying data.
10. Spyware Detection and Removal: Technology that detects and removes programs attempting to covertly gather and transmit confidential user information without his or her knowledge or permission. Spyware applications are typically bundled as a hidden component of freeware or shareware programs or attached to malicious websites. Once installed, spyware can monitor user activity, gather information about e-mail addresses, passwords, and credit card numbers in the background, then transmit this information to someone else. Spyware can include Remote Access Trojans (RAT) and root kits.
About Author:
Scott H. Cytron, ABC, is an accredited communications and public relations consultant working in the accounting, healthcare, high-tech and finance industries. He also teaches efficient and effective writing to professional services’ groups, and can be reached at scott@cytronandcompany.com or through his Web site, http://www.cytronandcompany.com .
Note: Bryan Cytron contributed to this article.
Comments/Feedback about this column:
If you have any feedback or comments about this article we'd like to hear from you... (Feedback Form)
|
|
Sponsor Messags & Links
Red Wing Software
With more than 25 years of experience developing accounting software, Red Wing Software knows businesses. We specialize in providing software at a reasonable price to companies who are outgrowing their current software and need more functionality, especially where inventory is concerned. Red Wing Software offers a complete suite of software products that can integrate and work together, including General Ledger, Accounts Payable, Accounts Receivable, Inventory, Order Entry, Purchase Orders, and Payroll. For more information about Red Wing Software products, please call 800-732-9464, or...
Visit Red Wing for more details
AS411 - Software Search Service
Tired of searching for software?
AS411's complimentary software search service will help you locate professionals in your area who can help you with all your software needs. It's simple, easy and only takes a few minutes.
Click Here to learn more
|
|
|