Accounting and Finance Research

With proliferation of computers and accounting software, information security became a significant concern for individual CPA practitioners and CPA practices.

This research is based on a survey conducted by the authors at the Second Accounting and Tax CPA seminar at California State University at Los Angeles (CSULA) in 2011. The purpose of this research is to establish metrics and assess cyber security for solo practitioners, small and mid-size CPA practices by surveying and analysing risks that the practices are facing and the countermeasures they employ.

The survey reveals the perceptions and practices of CPA practitioners and employees of CPA firms, small and medium, related to cybersecurity, associated risks in practices of their organizations, and the challenges they confront in their efforts to prevent, detect, and respond to such risks. Among our key findings are: profiles of CPA practices; indexes for Weighted Risk Expectancy (WRE) and Weighted Countermeasure Expectancy (WCE) based on the risk/countermeasure significance and likelihood of occurrences; comparative analysis of WRE and WCE for CPA firms of various sizes and their averages.