BDO Seidman using SugarCRM to manage office network

Kind of old news (it’s from January last year) but BDO Seidman has implemented commercial open source software to manage their nationwide network of member firms. Open source software is software whose underlying source code is openly available and is usually licensed under the GNU GPL.

What I like about open source is that the software is generally more stable and lightweight than closed-source software. This is due to the open nature of the code, which allows anyone to submit bug fixes or more efficient code.

Firefox, for example, is much more stable and reliable than Internet Explorer, and allows the user much greater control of the browsing experience. So it comes as no surprise that BDO Seidman chose SugarCRM for its adaptability to their specific needs.

[BDO] had never dealt with SugarCRM before, but she said that the lead project manager for the migration project was familiar with open source software. Helping matters was the fact that BDO Seidman’s IT team was very open to the SugarCRM application and regularly volunteered time and effort to work closely with the vendor’s own team when it came time to integrate the product into the environment.

This is where open source can be used more effectively within organizations with specific needs. Getting people from both the customer and supplier to work together to make sure the software fits the organization like a glove.

I wonder whether they would have considered open source if the lead project manager wasn’t already familiar with it. There is still a lot of FUD out there when it comes to open source, so it will take someone like the project manager did at BDO to take the reins and get everyone on board.

As well, BDO looked at other options before deciding to use open source. They even considered going with Microsoft CRM (now Dynamics CRM), but in the end chose something a little sweeter.

Audit committees recognize IT risks should be a focus

Dan Meyer at Tick Marks has brought my attention to a KPMG survey that reports audit committees are becoming more concerned about IT risks on financial reporting.

90% believed that IT oversight deserved more time at audit committee meetings. By constrast, 80% of committee members were satisfied with audit committee oversight of management judgments and estimates and 60% felt that committees were spending sufficient time on these issues.

Good to see audit committees are looking into this area with greater scrutiny. IT is often an area where firms of all sizes could benefit from increased focus and constantly thinking of ways to improve their controls and processes.

But what about the 20% that is satisfied with audit committee oversight of management judgments and estimates, but do not believe sufficient time is being spent on the issue? How can you feel an area needs more time and yet be satisfied with the oversight? This is why looking at surveys is fun.

“The ACI survey findings demonstrate a huge gap between the importance that audit committees place on IT risk and how much time they spend focused on it during their already busy meetings,” Smith said. “Since audit committees generally have only basic IT experience, there may be a reluctance to invite chief information officers and chief technology officers to their meetings, in part, because there is a lack of common vocabulary.”

Audit committees need to have at least one member who has a high level of knowledge in IT as it relates to financial reporting. There is no excuse for lacking someone with a good grasp on the IT risks the organization faces. And CIOs and CTOs aren’t enough – CFOs need to have a more than basic understanding, and even lower down in the accounting department.

I’m really pleased that the CICA has been so proactive towards training CAs on this topic. IT is one of the six topics covered in the professional exam process. (The others are audit/assurance, performance measurement, tax, finance, and organizational effectiveness, control and risk management.) Clearly there is some overlap between the last competency and IT.

An in-depth discussion of the six CA competencies is published by the Institute and available here (pdf).

Reflections on the week just past

This past week has been an interesting one. I’m at a client for the third year now. This is the first time that’s happened, which makes sense since I just began the third year of work after graduating. Some reflections on the milestone:

  • The first year I was green. I had about a week of client-site audit experience to that point, so I did very low-level work. But it was interesting, because the client is a very large owner-managed firm and the engagement is complex.
  • The second year was shortened, since I went to the SOA during the final three weeks of June and after that I was put on another engagement. That engagement is also coming up soon, and will be the second client with whom I’ve hit the third year.
  • This year, thanks to a colleague’s promotion and another’s vacation, I’ve inherited the “In-Charge” mantle and taken the reins of this beast. I find that I really excel in situations where I have greater responsibility, so I’m pretty psyched about the next couple weeks!

As challenging as new engagements are, it’s nice to be able to always spend the same time of the year at the same place.

When will I be a CA?

I recently passed the 2-year mark working in public accounting since graduating without doing any co-op terms. I started work at the beginning of May 2005, so through the end of June I will have 26 months experience, less the approximately 2 months I took off last summer to attend the SOA and study and write the UFE.

To fully earn the CA designation in Canada, you need 30 months of practical experience, along with satisfying some more specific hours requirements in certain areas (i.e. audit, tax, review). I chose a mid-tier firm because the experience is very well-rounded, so the hours requirement is almost certainly satisfied.

(Along with the experience requirement, there is of course the education and examination requirements.)

Therefore, at the end of December this year I could be Neil McIntyre, CA.

Weekend reading

Small Is Essential

At 37signals, a company with just eight employees whose Web-based collaboration software is used by thousands of small businesses, there isn’t time to sit around a conference room sipping latte and deconstructing memos. Come to think of it, there isn’t even a company conference room. There are just a couple of cubicles, loads of brainpower and three simple goals: make useful business software, make it easy to run, make money selling it. Repeat.

Fraud too pervasive to roll back SarbOx

In a new examination of 374 companies accused of securities fraud between 1997 and 2002, an average of seven people were implicated in each case… CEOs were implicated in nearly 90% of the cases examined. Next came CFOs, 78%. Then board directors, 40%; vice presidents, 36%; COOs, 20%; controllers, 19%; and general counsels, 7%. Big accounting firms were implicated in 18% of the cases.

The End of Independent Advice & Counsel

When a consultancy offers solutions, it has made its bed with a handful of technology or other vendors that will provide some portion of the service/product combination that will be sold to clients. When a consultant is truly independent and objective, they are solution independent and will help clients select the best solution for the client (not for the integrator).

PwC: Internal Auditors May Be Missing Risks

Between departments and across the enterprise, more parties have gotten involved in assessing risk and contributing to the company’s risk management process. That has led to some confusion and overlapping of responsibilities. One-third of the internal audit managers surveyed said their companies conduct multiple risk assessments across the organization, but the majority do not coordinate their work or results. The effect is inefficient and redundant presentations before audit committees.

Must I Play Golf To Get Ahead?

In a 2004 survey of 1,000 women golfers, 73% said that the game had helped them develop important business relationships, and over half said that being able to talk knowledgeably about golf had contributed to their success.