Compliance

  • Assessing Risk: Your Deltek or QuickBooks System in The Cloud.

    Whether your organization is considering moving its Deltek or QuickBooks system to The Cloud or it’s already there, it’s vitally important to periodically assess the risks.

  • Cloud Security Essentials

    In this whitepaper from Technology & Business Solutions LLC, TBS Founders Jay Ethridge and Joe Jezior provide a comprehensive overview of the many layers of Cloud Security — Access, Infrastructure, Hosted Products, Data, Compliance, Personnel, Integrations and Technology. Importantly, a Cloud Provider’s infrastructure model defines the breadth and rigor of its security regime. It also determines whether the provider is delivering “The Promise of The Cloud” with secure, mobile, capable and interconnected technologies.

  • Get a Jump-Start on Year-End with this Handy Checklist.

    In today’s economy every company is looking for a way to reduce costs. At Blue Systems LLC, many of our clients have recognized the need to make the appropriate time investment now to be better prepared for year-end.

  • AICPA Tightens Internal Controls for Cloud SOC2s.

    The AICPA recently announced even tighter internal controls for its new service organization audit program -- SOC2. Because the old SAS70 standard was discontinued in June 2011 as "organizations became increasingly concerned about risks beyond financial reporting, and SAS 70 often was misused as a means to obtain assurance," the AICPA is determined to ensure that the SOC2 audit for Cloud Computing and Software-as-a-Service providers is administered properly and delivers meaningful assurance.

  • SSAE16-SOC2 Basics and Cloud Computing.

    Because its application was misused and ambiguous, the AICPA replaced the old SAS 70 assurance program for service providers with the new SSAE16 standard in 2011. The AICPA further designated an SOC2 (Service Organization Control) audit report for Cloud Providers, instituting important “Trust Services Principles” for Cloud Data.

  • SOC2: Expanding Service Organization Controls Reporting.

    Editor's Note: In this comprehensive piece from The Journal of Accountancy, Chris Halterman explains that the AICPA's SSAE16-SOC2 assurance standard is the right one for Cloud Computing service providers. He writes: "SOC 2 engagements are designed to meet the needs of user entities and other stakeholders by providing service organizations with criteria for describing their systems, criteria for evaluating the suitability of design and operating effectiveness of the service organization’s controls, and an independent CPA’s opinion on the description of the system and the design and operating effectiveness of the service organization’s controls. Examples of service organizations include cloud computing providers, payroll processors, information security service providers and information service providers."

  • SAS70, SSAE16, SOC2 and Data Center Standards.

    Editor's Note: The AICPA's audit program for service providers presents Cloud Computing customers with an alphabet soup of choices. In this informative overview Matt Klein provides real insight into the best assurance standard for Cloud Services and Data Centers -- the AICPA's SSAE16-SOC2. He writes: "SOC 2 provides much more stringent audit requirements with a stronger set of controls specifically designed around data center service organizations. SOC 2 provides what was missing in the SAS 70 – a standard benchmark by which two data center audits can be compared against the same set of criteria. SOC 2 is a welcome standard to our industry. It will raise the bar for some, and allow others to shine under the stringent processes they already have in place."

  • Talented Imitators – Custom Deltek Integrations Create Vulnerabilities.

    In this whitepaper series Jay Ethridge and Joe Jezior of Technology & Business Solutions (TBS) review the vulnerabilities associated with traditional custom software integrations, explore the facets of the integration lifecycle and how ETL technology delivers dramatic efficiencies, and itemize the benefits of today’s cloud- and platform-based integrators for organizations looking to connect their Accounting systems with their corporate HR, CRM or other systems.

  • New Software Integration model is “Genius.”

    In this whitepaper series Jay Ethridge and Joe Jezior of Technology & Business Solutions (TBS) review the vulnerabilities associated with traditional custom software integrations, explore the facets of the integration lifecycle and how ETL technology delivers dramatic efficiencies, and itemize the benefits of today’s cloud- and platform-based integrators for organizations looking to connect their Accounting systems with their corporate HR, CRM or other systems.

  • Borrowed Genius – Cloud Integration Platforms Deliver Dramatic Benefits.

    In this whitepaper series Jay Ethridge and Joe Jezior of Technology & Business Solutions (TBS) review the vulnerabilities associated with traditional custom software integrations, explore the facets of the integration lifecycle and how ETL technology delivers dramatic efficiencies, and itemize the benefits of today’s cloud- and platform-based integrators for organizations looking to connect their Accounting systems with their corporate HR, CRM or other systems.

  • Standardized Customizations – The Integration Lifecycle in The Cloud.

    In this whitepaper series Jay Ethridge and Joe Jezior of Technology & Business Solutions (TBS) review the vulnerabilities associated with traditional custom software integrations, explore the facets of the integration lifecycle and how ETL technology delivers dramatic efficiencies, and itemize the benefits of today’s cloud- and platform-based integrators for organizations looking to connect their Accounting systems with their corporate HR, CRM or other systems.

  • Does it Rain in the Cloud? The Importance of Having an Umbrella Just in Case.

    This whitepaper, by Mike Mellor and John Harder, Partners with Argy, Wiltse & Robinson PC's Business Consulting Group, demonstrates why it is best to be prepared when considering moving any aspect of your organization’s operations to the cloud. A key part of that vetting process should include the internal controls in place at the service provider and reviewing the results of any assurance services that have been performed over those controls.

  • The Sky’s The Limit – Expect More from Your Deltek in The Cloud.

    In this white paper, Jay Ethridge and Joe Jezior of Technology & Business Solutions (TBS) show that as cloud delivery becomes more and more available and attractive, it’s time to expect more from the cloud. They outline four fundamental expectations any provider MUST meet before you should be confident in moving your most critical corporate software to the cloud. It’s the seventh in a series of TBS white papers on cloud computing that defines the enterprise cloud and discusses its benefits, why companies of all sizes, including Google, Microsoft and the Federal Government, are embracing it, and how you can leverage this new technology at your firm.

  • Security of a Higher Level – Unparalled Security and Compliance with the Enterprise Cloud

    In our first three installments of the TBS Whitepaper Series by Jay Ethridge and Joe Jezior of Technology & Business Solutions (TBS) we’ve defined cloud computing and explored the differences between private and public cloud environments, and examined how public enterprise cloud hosting delivers a true reduction in costs, not just a transfer from in-house expenses to third-party charges. In this fourth installment in the series, we explore the security and compliance advantages of enterprise cloud hosting.

  • Tax Law Changes for Businesses in 2010

    This article, by CPA Ric Nelson of Watkins Meegan, reviews the tax law changes for 2010 for businesses. The changes are the result of tax laws passed and regulations issued over the last couple of years.

  • 3% Income Tax Withholding Requirement Delayed

    The American Recovery and Reinvestment Act of 2009, which was signed into law on February 17, 2009, delays for one year the new withholding requirement for government payments to contractors under Internal Revenue Code subsection 3402(t). The requirement now applies to payments made after December 31, 2011. This review, by CPA Ric Nelson of Watkins Meegan, provides all the essentials you need to know.

  • Uncompensated Overtime & How It Impacts Government Contractors

    Many government contractors have found themselves in a “discussion” with DCAA auditors regarding uncompensated overtime at one point or another. The following article by CPA Kristen Soles of Watkins Meegan helps provide guidance regarding how to properly account for uncompensated overtime.

  • Financial Audits – Deficiencies & Material Weaknesses & Their Meaning

    A financial statement audit is designed to express an opinion on the financial statements, not on the entity's internal controls. However, obtaining an understanding of these controls remains a key part of every financial statement audit. Phil Philips, CPA of Watkins Meegan helps explain the language surrounding control gaps and deficiencies.

  • Document Retention Policies: How Long Should You Keep Things On-File?

    When should you hold on to documents and when should you toss them? This reference guide from Watkins Meegan should help you keep your documents under control.

  • Comp Time Policies – Accounting Impacts for Government Contractors

    The term “Comp Time” is often overused and can mean different things to different people. These suggestions by CPA Stephanie Widzinski of Watkins Meegan, will help guide you as you develop your firm's comp time policy.

Pages