THE STANDARDS BOARD
Established and appointed by the TASBA Board of Governors, TASBA publishes recommended steps and procedures for conducting technology audits and reviews. TASBA also provides its members with tools in the form of questionnaires, surveys, checklists, work plans, timelines, contract verbiage, and interactive websites to assist professionals in rendering technology audits and reviews.
DEFINITION OF TECHNOLOGY AUDIT AND TECHNOLOGY REVIEW
A technology audit is an executive-level engagement to methodically review, examine and evaluate virtually all of the various technologies employed by an organization, as well as additional technologies that might be employed by the organization, to help ensure that the company is sufficiently utilizing appropriate technologies.
Unlike a traditional financial audit which has a specific meaning among CPAs, a "technology audit" does not seek to attest, verify, confirm or even infer that a company’s technologies are adequate; rather a technology audit seeks to identify possible technology shortcomings and areas for potential improvements.
A technology review is considered to be a subset of the technology audit in which only portions of a company’s technologies are considered for engagement purposes. For example, a company may elect to review its’ hardware, network, and cloud-based data storage technologies only.
WHY TECHNOLOGY AUDITS ARE NECESSARY
Today’s complicated array of technologies often makes it difficult for an organization to stay abreast of the available technologies, as well as up and coming technologies. The technology audit engagement offers companies the opportunity to have fresh, independent experts examine their technologies and strategies to help determine whether a company is adequately using today’s available technologies to their fullest advantage.
RECOMMENDED TIMELINE FOR HAVING ONES TECHNOLOGY AUDITED
TASBA recommends that companies conduct a technology audit at least every three years, on average, and more frequently if technologies related to the company’s industry change rapidly.
Click here to be notified when this website goes live
Related Links
About
Board Information
Board Approvals
Board Resolutions
New York (June 17-20, 2017)
New York (Sept 23-26, 2017)
New York (Feb 19-21, 2018)
Hardware Committee
Software Committee
Security Committee
Cloud Committee
Focus of Technology Audits
- Hardware Evaluation – Servers, desktop computers, laptop computers, tablets, smartphones, hardware reliability, hardware performance, hardware age, purchasing practices, employee purchase programs, vendors used to purchase computers, etc.
- Platform Evaluation – Server software, desktop software, networking, operating systems, versions/editions, routers, print servers, licenses, etc.
- Peripherals – Monitors, printers, scanners, fax machines, copiers, speakers, webcams, input devices, mice, keyboards, billing copies and scans, etc.
- Software and app Evaluation – Application suites, email clients, time and billing, accounting systems, client write up, tax preparation, audit software, travel apps, map and GPS apps, etc.
- Accounting Systems – Adequacy of the company’s general ledger, financial reporting, payables, and payroll systems, and potentially the following additional accounting/ERP systems:
- Time and Billing
- Inventory Management
- Manufacturing
- CRM
- Project management
- Additional industry specific applications - Communications – Email, voice mail, phone systems, web site, newsletters, social media, remote access, voice over IP, centralized data storage, document sharing, etc.
- Mobility – Smartphones, cloud storage practices, laptops, tablets, sharable devices, recharging solutions, portable Wi-Fi devices, etc.
- Internet – Internet availability in the offices, internet availability on the road, internet speed, remote access solutions for employees, remote access solutions for clients, cloud storage solutions, web-based applications.
- Security – Firewalls, antivirus protection, malware, spam, password documentation, password protection on computers and devices, UPS protection, device encryption, written security documentation, security checklist, “Fair Use” employee contracts, document sharing, encryption methods, disaster recovery, etc.
- Training – CPE, technology training, classroom training, training room, projection systems, online training, in-house training, appropriate use of the internet training, certifications (ie: QuickBooks, MPAN), etc.
- Backup Procedures – Written plan, timeliness, server backup procedures, application backup procedures, desktop computer backup procedures, device backup procedures, off-site back up practices, etc.
- Paperless – Paperless technologies employed, paperless practices, document sharing practices, etc.
- Ergonomics – Workstation comfort, computer and device deployment, keyboard trays, monitor glare, functional work environment, access to shared devices, etc.
- Technology budget – New hardware, hardware replacement, repairs, new software, software upgrades, technology training, insurance coverage & cost of coverage, etc.
- Administration – Time and expense tracking, time and billing systems, accounting systems, tickler systems, employee scheduling & workload tracking, employee evaluation, human resource systems, etc.
- Other – Newsletters, employee computer purchase plans, computer disposal techniques, designated IT in charge, background checks, technology related revenue sources (QuickBooks consulting, security consulting), etc.
Register Now!
Tools for conducting technology audits