Report from AICPA Vegas

/in , /by

Recently I had the pleasure of attending the AICPA conference in Las Vegas Nevada, where I was able to connect with some of the most interesting companies in the accounting and auditing space. I was able to learn about products from companies like Peerview Data, which specializes in “turning client data into actionable insights” and GruntWorx, which organizes and pre-fills tax documents, as well as many others. The biggest lesson I learned from the conference was the need for data protection and SOC 2 framework compliance.

Many of the companies I talked with had either completed a SOC 2 audit, were in the middle of an audit or were acutely aware of the need for a SOC 2 exam because of the many third-party vendor assessments they constantly must complete for prospective clients. As we discussed their different software applications, and how they deal with customer data, I saw what we always see: spreadsheets and word documents rule the day, creating frustration and wasted time responding to vendor assessment requests. The more we dove into the topic the clearer it became that the Strunk Risk Manager system of policy management was not just a nice to have but was a need to have. I heard from a managing partner at a tax software company that she spends two to three hours answering vendor assessments for nearly all of her new clients, as she was the only person in the company who could pull together all of the required information. Strunk Risk Manager allows your organization to respond with far less effort, freeing up your executive team for more important tasks.

One company told me that it took around 20% of one of their senior consultant’s time working with their CPA firm to complete their first SOC 2 and were planning on utilizing 10-15% of his time for future exams. When we started to discuss how Strunk Risk Manager transforms your policy and control documentation process they were instantly interested in learning more.

At Strunk, we believe that your challenges with compliance are our opportunity to provide best practice solutions and streamlined responses to managing all your compliance processes.

Strunk at COCC Foxwoods

/in , , , /by

We were happy to see so many friends and clients at the COCC Annual Client Conference earlier this month. We were definitely on friendly ground, as we have now implemented our solutions for well over half the COCC base. This event set a new attendance record for COCC. Thank you to everyone who dropped in to see us and congrats to Maria Sgambati at Everett Co-operative Bank who was the winner of our $250 Amazon gift card.

At the conference we were able to show off some of the latest improvements in our Governance, Risk Management and Compliance (GRC) software. We have upgraded Risk Assessor to version 2. It now includes automated feeds of peer data from the FDIC, consolidated risk and trend scoring, and an inline scoring history so you can see at the indicator level your scores on prior assessments. Policy Manager now includes more fine-grained reader logging and alerts.

We also were able to demo our new Vendor Manager tool for managing vendor risk. Vendor Manager provides an easy to follow standardized process to assess risk, gather due diligence materials, evaluate contracts and store all vendor documentation in one convenient place. Vendor Manager keeps everything organized, is simple to use and of course follows the latest FFIEC guidelines.

An independent certified public accountant has examined Strunk’s operations and found them to be in compliance with the AICPA’s Trust Service Principles. It was determined that Strunk meets the Security, Availability, Processing Integrity, Confidentiality, and Privacy criteria for SOC 2 established by the AICPA.