The AICPA's 2009 Top Technology Initiatives

09/30/2009

The following are the 2009 Top Technology Initiatives

1.Information Security Management

Proper Information Security Management protects the integrity, confidentiality and availability of information in the custody of an organization and reduces the risk of information being compromised. It is an integrated, systematic approach that coordinates people, policies, standards, processes, and controls used to safeguard critical systems and information from internal and external security threats.

2.Privacy Management

The right to privacy is a commonly assumed fact, and failure to protect sensitive information can cause serious damage to an organization's reputation and subject it to legal penalties. Privacy Management involves the strategies and safeguards used to protect the privacy of an organizations records that include resources, restricted assets, personnel, client and customer personally identifiable information. Safeguards are enforced so that this information cannot be released to or accessed by unauthorized subjects. The initiative includes complying with local, national and international laws.

3.Secure Data File Storage, Transmission and Exchange (Formerly known as Securing and Controlling Information Distribution)

Stored data can be altered to commit fraud, intercepted by an unscrupulous person en route and altered, and laptops storing vast amounts of confidential information can be lost or stolen. Strategies that can mitigate these risks include encrypted storage disks and laptop hard drives, message digests used to identify altered data, digital certificates, secure channels using Secure Sockets Layering (SSL) or Transport Layer Security (TLS) for purchase transactions, and Virtual Private Networks (VPNs) which allow for more permanent secure data channels.

4.Business Process Improvement, Work Flow and Process Exception Alerts

Business Process Improvement initiatives assist with controlling and documenting processes across the organization, most commonly in accounting or content management (paperless) applications. Transaction processing and audit trails are being replaced with automated processes, work flow, exception alerts, and electronic authorizations.

5.Mobile and Remote Computing

Enabling people to work from anywhere and at any time is the goal of Mobile and Remote Computing. Technologies used in mobile and remote computing include Terminal Services, Citrix, Virtual Desktop Interface, Cellular broadband and WiMAX, and remote control applications. A paperless office environment is essential to support mobile users who want to access and collaborate on digital documents from remote locations.

6.Training and Competency

Knowledgeable and competent employees who address issues with confidence are a key differentiator among competitors. As technology develops and is in a constant state of change, training methods must also change. On-site training has given way to computer-based training (CBT), pod casts, web casts, distance learning, etc.

7. Identity and Access Management

Identity and Access Management involves the implementation of physical, technical, and administrative controls that limit access to company resources to authorized persons. A challenge exists with achieving easy access by authorized users while making resources inaccessible to unauthorized users.

8.Improved Application and Data Integration

Effective decision support and business intelligence systems rely on information systems which talk to each other seamlessly and where information is readily available in a form that expedites business decision making. Disparate systems continue to exist within organizations and duplicate databases reside within these multiple systems.

9.Document, Forms, Content and Knowledge Management

Document, Forms, C