The CPA's Role in Disaster Recovery Planning

By Jacobs, Joel; Weiner, Stanley | The CPA Journal, November 1997 | Go to article overview
Save to active project

The CPA's Role in Disaster Recovery Planning


Jacobs, Joel, Weiner, Stanley, The CPA Journal


In order to thrive in today's competitive marketplace, CPA firms should expand their practices by adding consulting services that, if not offered, will likely be proposed by competitors, both CPAs and non-CPAs. Any CPA firm that does not closely examine various consulting services as revenue producers is neglecting its practice development.

Disaster recovery/business continuity consulting is rapidly becoming a meaningful revenue source for many CPA firms. The consulting process output is a written contingency plan designed to minimize the disruption and downtime that would result from an electronic data processing loss or other significant catastrophic event, such as fire, a building collapse, flood, etc. Many firms offer various levels of disaster recovery/business continuity planning consulting services.

The CPA-An Advocate for Disaster Recovery Planning

Persuasive evidence exists which justifies the CPA's role in actively advocating disaster preparedness planning for clients. CPAs have interpreted Statement on Auditing Standards (SAS) No. 60 as justification for bringing specific disaster planning issues into the audit process. SAS 60 provides that the auditor communicate to the audit committee or its equivalent "reportable conditions" and provide recommendations for corrective action. SAS 60 defines a reportable condition as a significant deficiency in the design or functioning of the internal control structure that could adversely affect an organization's ability to record, process, summarize, and report financial data. Reportable conditions should be included in the management letter or other communication provided to the client at the conclusion of each audit engagement. A credible argument can be made that the absence of a comprehensive disaster recovery plan is a reportable condi tion as defined by SAS 60. The management letter is the ideal forum for advising a client to take corrective action by way of disaster preparedness planning.

Who Needs Disaster Planning?

For large public companies, development of a formal disaster recovery plan is typically required by their boards of directors. For major banks, brokerage firms and other large companies, which rely on intensive data processing environments, adopting and continuing to update a disaster recovery plan is standard operating procedure.

Vendors such as IBM, SunGard, Comdisco, and others engage in disaster recovery consulting for a significant source of their annual revenues. A multisite Fortune 500 company typically will pay anywhere from $40,000 and up for a comprehensive customized disaster recovery/business continuity plan from one of the top tier providers. In addition, many companies pay steep monthly subscription fees for hot-site facilities into which certain departments of the company can move, literally overnight, if required. But what about the vast number of small and mid-sized companies who are the typical clients of most small and regional CPA firms? Is disaster planning essential for them, and, if so, are they willing and able to pay for it?

Industry studies indicate that small and mid-sized companies, with minimal cash reserves and poor cash flow, overwhelmingly do not recover from major losses of data or equipment. Why then, does the vast majority of small and mid-sized companies not have adequate disaster plans, even though their likelihood of failure after a disaster is greater than that of a large multisite company? One reason is, while many owners and corporate officers understand the importance of disaster planning, very few small and mid-sized companies are willing to devote the dollars they believe it will cost to have a consultant create a disaster recovery plan.

Disaster Planning Alternatives

What disaster recovery planning alternatives are available to the small to mid-sized company? There are packaged software programs available that allow a company to create a disaster recovery plan in-house.

The rest of this article is only available to active members of Questia

Sign up now for a free, 1-day trial and receive full access to:

  • Questia's entire collection
  • Automatic bibliography creation
  • More helpful research tools like notes, citations, and highlights
  • Ad-free environment

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
Loading One moment ...
Project items
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

Cited article

The CPA's Role in Disaster Recovery Planning
Settings

Settings

Typeface
Text size Smaller Larger
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

While we understand printed pages are helpful to our users, this limitation is necessary to help protect our publishers' copyrighted material and prevent its unlawful distribution. We are sorry for any inconvenience.
Full screen

matching results for page

Cited passage

Style
Citations are available only to our active members.
Sign up now to cite pages or passages in MLA, APA and Chicago citation styles.

Cited passage

Welcome to the new Questia Reader

The Questia Reader has been updated to provide you with an even better online reading experience.  It is now 100% Responsive, which means you can read our books and articles on any sized device you wish.  All of your favorite tools like notes, highlights, and citations are still here, but the way you select text has been updated to be easier to use, especially on touchscreen devices.  Here's how:

1. Click or tap the first word you want to select.
2. Click or tap the last word you want to select.

OK, got it!

Thanks for trying Questia!

Please continue trying out our research tools, but please note, full functionality is available only to our active members.

Your work will be lost once you leave this Web page.

For full access in an ad-free environment, sign up now for a FREE, 1-day trial.

Already a member? Log in now.

Are you sure you want to delete this highlight?