Report from AICPA Vegas

/in , /by

Recently I had the pleasure of attending the AICPA conference in Las Vegas Nevada, where I was able to connect with some of the most interesting companies in the accounting and auditing space. I was able to learn about products from companies like Peerview Data, which specializes in “turning client data into actionable insights” and GruntWorx, which organizes and pre-fills tax documents, as well as many others. The biggest lesson I learned from the conference was the need for data protection and SOC 2 framework compliance.

Many of the companies I talked with had either completed a SOC 2 audit, were in the middle of an audit or were acutely aware of the need for a SOC 2 exam because of the many third-party vendor assessments they constantly must complete for prospective clients. As we discussed their different software applications, and how they deal with customer data, I saw what we always see: spreadsheets and word documents rule the day, creating frustration and wasted time responding to vendor assessment requests. The more we dove into the topic the clearer it became that the Strunk Risk Manager system of policy management was not just a nice to have but was a need to have. I heard from a managing partner at a tax software company that she spends two to three hours answering vendor assessments for nearly all of her new clients, as she was the only person in the company who could pull together all of the required information. Strunk Risk Manager allows your organization to respond with far less effort, freeing up your executive team for more important tasks.

One company told me that it took around 20% of one of their senior consultant’s time working with their CPA firm to complete their first SOC 2 and were planning on utilizing 10-15% of his time for future exams. When we started to discuss how Strunk Risk Manager transforms your policy and control documentation process they were instantly interested in learning more.

At Strunk, we believe that your challenges with compliance are our opportunity to provide best practice solutions and streamlined responses to managing all your compliance processes.

An independent certified public accountant has examined Strunk’s operations and found them to be in compliance with the AICPA’s Trust Service Principles. It was determined that Strunk meets the Security, Availability, Processing Integrity, Confidentiality, and Privacy criteria for SOC 2 established by the AICPA.