Information Security Risks and Countermeasures in CPA Practices

Ludwig Slusky, Rick Stephan Hayes, Richard Lau


With proliferation of computers and accounting software, information security became a significant concern for individual CPA practitioners and CPA practices.

This research is based on a survey conducted by the authors at the Second Accounting and Tax CPA seminar at California State University at Los Angeles (CSULA) in 2011. The purpose of this research is to establish metrics and assess cyber security for solo practitioners, small and mid-size CPA practices by surveying and analysing risks that the practices are facing and the countermeasures they employ.

The survey reveals the perceptions and practices of CPA practitioners and employees of CPA firms, small and medium, related to cybersecurity, associated risks in practices of their organizations, and the challenges they confront in their efforts to prevent, detect, and respond to such risks. Among our key findings are: profiles of CPA practices; indexes for Weighted Risk Expectancy (WRE) and Weighted Countermeasure Expectancy (WCE) based on the risk/countermeasure significance and likelihood of occurrences; comparative analysis of WRE and WCE for CPA firms of various sizes and their averages.

Full Text:




  • There are currently no refbacks.

Copyright (c)

Accounting and Finance Research
ISSN 1927-5986 (Print)   ISSN 1927-5994 (Online) Email:

Copyright © Sciedu Press

To make sure that you can receive messages from us, please add the '' domain to your e-mail 'safe list'. If you do not receive e-mail in your 'inbox', check your 'bulk mail' or 'junk mail' folders.