July 17, 2018

Information Technology

Former Big 4 Auditor Who Took a Break Needs To Get Back In the Game

Sometimes, life is more important than work. For this former Big 4 auditor, a little life situation forced him out of the game before he got his 2 years and now he’s trying to elbow his way back in.

Hi Adrienne,

I worked in big4 audit for just over a year, but I had to leave the firm soon after that for family reasons (to care for a loved one). It’s been 2 years since then, and I haven’t worked at all (my choice). The good news is that I just passed 3 of 4 sections of the CPA, and I expect to finish it up this month.

The thing is – I need help getting back into the work world now. Do you have any tips for getting back “in the game,” so to speak?

If it helps, I’m really looking for a huge change of pace from big4 auditing – something where there’s little travel, and that’s not nearly as stressful as Big4. I think I would like something where there’s only a one or a few persons I’m reporting to, and where the nature of my work is much more technical/specialized. Something that involves technology would be a big plus (I love Info Tech, and I’m good with it). I’ve looked at private accounting/finance-type positions, but it seems many of them want a minimum of 2 years of working experience. Having Big 4 is great experience, of course, but is 1 year worth much? I also worry about what they will think of a 2 year gap on my resume.

I know a few small mom&pop-type tax CPA firms I could work for, but I worry the work-life balance in these jobs isn’t going to be too much different than Big4. I am also considering government positions.

Do you have any tips for someone like me?

Thanks very much.

~ newbie/CPA2be w/ ONLY 1 year of entry-level big4 audit experience

First off, it depends on where you are. If you’re in the middle of bumfuck nowhere, your options are limited (as I’m sure you’re aware) but if you’re in a major market, you’ve got the option to start networking. Like we’ve advised other folks, you can do this by hitting events held by your state society of CPAs, the AICPA, or other professional organizations.

Second, you’ve got a great excuse if anyone actually asks what you’ve been up to lately. Be honest but not too upfront about this; meaning you don’t have to badger HR about it but have a good explanation ready if you are asked.

You are correct that smaller firms aren’t much different than Big 4 in terms of the amount of work you’re going to be doing, the only difference might be travel. It sounds to me like you have some options, so I’d start by exercising those. Depending on how long you took off to care for your sick family member, you may not have to put in a full two years to get your license.

Based on what you’re looking for, I would suggest seeking out a small (not mid-tier) firm with a couple partners, not some multi-national with tons of clients. If you love IT, try to find someone already in this area willing to take you under their wing, or at least give you some good guidance from their perspective.

I’m not too worried about you, sounds like you have it figured it out and just wanted us to confirm that you aren’t completely fucked. You aren’t.

AICPA: CFOs Want More Input from Auditors on IT Matters

This story is republished from CFOZone, where you’ll find news, analysis and professional networking tools for finance executives.

Certified Public Accountants are increasingly being asked to solve information technology problems for clients and prospective clients, according to a survey by the American Institute of Certified Public Accountants.

But that raises a potential conflict of interest of the sort that led the Securities and Exchange Commission to keep auditing and IT consulting separate. The pressure for auditors to help provide IT solutions will persist nonetheless, says the AICPA.


“The tide has really turned this year with the economy and increasing regulations,” said Joel Lanz, co-chair of the AICPA’s Technology Initiatives task force in a prepared statement.

“As small and medium-sized companies increasingly place IT under their chief financial officers, it’s becoming much more of a broad scope of responsibility,” added Ron Box, Lanz’s co-chair.

With a renewed focus on IT-related issues, the survey makes clear that CPAs need to be literate about information technology in order to collaborate effectively with clients and their IT partners.

Data security clearly is driving the new interest, and CPAs believe the issue will persist in importance for years, the survey suggests.

The biggest surprise from the survey, Lanz told CFOZone, is the fact that “CPAs are not only providing guidance on financial issues, but there is an expectation by audit committees that CPAs could advise on different IT governance issues. CPAs are now commenting to audit committees about business operations in addition to pure financial issues.”

It’s not that CPAs are expected to be the technology expert, but the expectation is that the CPA is able to provide business insight and IT guidance which then enables their clients to effectively leverage their technology to enhance the businesses value, he added.

Is this simply recreating the problem that led to the separation post-Enron and WorldCom of audit services from consulting, much of which was IT oriented? There’s the potential for a conflict of interest here, and a slippery slope toward bad audits as result. SEC rules specifically say audit firms cannot provide IT consulting services on matters that relate to financial reporting for the same client. And the audit committee must sign off on other types of consulting services.

Lanz concedes that CPAs will have to be careful. “It is a fine line,” said Janis Parthun, senior technical manager – IT, for AICPA, but she added that CPAs can help companies avoid problem here. “Sometimes audit committees do need some education in these areas and this is where they can reach out to CPAs that have some understanding of IT to give the audit committee options to make the right decision.”

Lanz adds says that the AICPA has helped on this front with some recent guidelines. “Recent standards provide CPAs with specific criteria for when they need to communicate with audit committees, as well as the type of communication required,” he said.

A spokesman for the Securities and Exchange Commission declined to comment on the trend.

Just Because Cloud Companies Pay For a SAS 70 Doesn’t Make It Any Less Legit, Does It?

Confession: not 100% sure on the hype surrounding SaaS, cloud computing, living in the cloud and whatever but apparently it’s the next big thing (if it’s not already) and might make our lives just one notch short of Jetsons flying car awesome.

Ask guys like Geoff, he’ll tell you all about it. I buy it and I don’t even need to use it, have heard amazing things, and have even evangelized it once or twice.

But it’s your data so instead of jumping on the SaaS/Cloud bandwagon without asking what happens to it once you do, it might be wise to check out the SAS 70 certification and the strange relationship that legitimizes it.


Complying with the AICPA lends a certain bit of credibility to vendors who want to show how tight their control systems are so auditors can rely on them, right?

Perhaps not, says Jay Heiser via Gartner in “Analyzing the Risk Dimensions of Cloud and SaaS Computing,” who is concerned by a sense of deja vu between the faulty systems that collapsed throughout the financial crisis and cloud computing. In an extremely risk-adverse environment, a bit of caution is due before jumping head first into the unknown.

Or you can just trust the shiny marketing materials and forget that it’s your data.

Now back to cloud computing and SAS 70. Okay, let me get this straight: So the cloud companies pay accounting firms for SAS 70 certifications just as the financial organizations paid Moody’s for an investment-grade rating?

“Yes, if you see someone who claims to be SAS 70, they have paid an accounting firm. Not only have they paid an accounting firm to go do the test, but they’ve told the accounting firm what processes need to be tested,” Heiser says.

And that’s different from an audit client paying an auditor how?

In a financial crisis corollary, Big 4 opinions are fetching less these days than they used to. Cloud computing marketers don’t really get what they are pushing but cloud provider clients certainly should understand what this means for the shift to life in the cloud.

Better start updating those marketing materials.

How Cloud Computing Security Resembles the Financial Meltdown [Datamation]