Health and Welfare
Sometimes, it’s best to go back to the basics. To function the way we did when life was less digitally-centered and people used planners instead of Outlook calendars … wrote letters instead of sending shorthand emails from their Blackberries.
That’s how Lydia Burns approaches her days as an auditor in the office of the U.S. Department of Health & Human Services (HHS) – by checking things off her list.
The HHS incorporates the Office of Inspector General and the Office of Audit Services. These offices provide policy direction and conduct, and oversee comprehensive audits for the Health and Human Services (HHS) programs. Most importantly, Burns ensures that the HHS is functioning under GAGAS, or Generally Accepted Government Auditing Standards.
“Our main objective in conducting these audits is to evaluate compliance with program regulations, policies and procedures, as well as evaluate the accomplishment of program goals and assess the economy and efficiency of operations,” she says.
It is her job to serve and protect the tax security of the people of the United States. To successfully do so, she incorporates the AICPA Top Technology Initiatives to her everyday work. Although she says she uses all of the Top 10 initiatives, the #1 initiative on the list, Information Security Management, is most applicable to her daily work.
“We have physical and environmental security such as secure work environment, equipment security, user access management and other access controls for our computers, offices and any other location of our data.” It is required that the HHS offices establish and maintain a formal security education and awareness training program to provide initial security training, annual refresher training and indoctrination/termination briefings.
Another initiative that is a main component of the functionality of Burns’ profession is Conforming to Assurance and Compliance Standards. Every aspect of her job revolves around proper compliance of government regulations.
“We perform auditing, testing and reporting pursuant to federal and state statutes and regulations and follow GAAS [Generally Accepted Auditing Standards] and GAGAS.”
In addition, the employees of the HHS further stay in tune with the initiative by following Government Auditing Standards (the “Yellow Book”) and other regulatory standards for their continuing education program.
Burns is an advocate for the Top Technology Initiatives and believes all those in the accounting field need to be kept abreast of the latest threats and vulnerabilities that may pose network risks.
“Understanding the Top Technology Initiatives is the first step to mitigating potentially extensive damage through network attacks.”
As for those unfamiliar with the initiatives, Burns suggests going back to the ways of old and learning them one at a time. She says to start with the most emergent item first and then work your way down the list.
“If our colleagues don’t know how to use them, the list would give them an idea of what other CPAs believe to be important so they, too, can operate with a more secure computerized system.”