Information Technology Disaster Recovery Plan

Why Every Business Needs One

Why You Need a Disaster Recovery Plan

Having a comprehensive Information Technology Disaster Recovery Plan (DRP) is central to your business operations. No matter what industry you’re in, there’s no escaping the fact that conducting business has evolved into a technology-centric venture. Your IT network is the center of business operations and without a robust, optimized, and secure IT infrastructure, you will not be able to compete in today’s marketplace.

Time is money and the cost of a downed network – in lost productivity, customer responsiveness, and reputation – is significant. Therefore, implementing a DRP is critical to business continuity. When disaster strikes, having a detailed written plan that outlines the steps to get your business up and running will prove invaluable in times of crisis.

IT networks are vulnerable to disasters, both natural and man-made. Natural disasters can include events like hurricanes, tornados, floods, blizzards, and lightning strikes. Man-made disasters can include events such as cyber-attacks, terrorism, electrical fires, and water pipe bursts. Given there are a number of developments that can seriously threaten your business’s ability to operate normally, it’s imperative you develop a DRP.

While your customers will be sympathetic at first when disaster strikes, they are unlikely to wait for long periods of time before they begin looking at competitors to meet their needs. If you don’t yet have a DRP drafted for your business, the time to begin developing one is now. There are many websites and resources that provide DRP templates such as www.disasterrecoveryplantemplate.org. You should also consider utilizing an Information Technology (IT) consultant with experience in developing DRPs.  

Formulating a DRP

There are many factors that determine how comprehensive a DRP will be – including the company size, human resources available, and budget. Businesses should perform a cost-benefit analysis to determine how extensive their DRP needs to be to meet their business and customer needs.

Establishing and implementing a DRP requires the support of upper management. The tone at the top of the organization is central to communicating just how important the DRP really is. To begin developing an effective DRP, a team of key employees (which should include members of upper management and IT) should collaborate, brainstorm, and perform a risk assessment to determine the types of risks and disasters that are most likely to occur which would impact daily business continuity.

A thorough DRP does not just cover one type of disaster that could occur; it should cover all the most likely disaster scenarios that could impact your business and should outline a recovery plan for each of the scenarios. For example, responding to a hurricane disaster where the physical office could be impacted by flooding, wind damage, and power failure will be very different than responding to a cyber-attack.

When a disaster occurs, the DRP should clearly identify the individual or individuals who have the authority to activate the DRP. The names and contact information for each critical individual or vendor that is responsible for executing the various aspects of the DRP should be included in the plan. If a key person cannot be reached in an emergency, a backup individual and their contact information should be listed in the DRP. Since an emergency can occur at any time and time is of the essence, it is vital to maintain updated contact information for key parties at all times. Training key employees responsible for executing the DRP is also extremely important.

A DRP Checklist

There is not just one DRP that will work for all types of companies. Each DRP should be unique and specific to a business’s set of circumstances. Below is a list of some items to consider including when developing a DRP. 

  • Purpose and goals of the DRP.
  • Diagram of the entire IT network.
  • Updated inventory listing of all critical IT assets (hardware and software).
  • Description of the elements in place to prevent certain disasters from occurring, such as generators and surge protectors.
  • Description of what the business does and the tools in place to detect possible issues before a disaster occurs such as antivirus software, network monitoring tools, and regular employee training.
  • Likely disaster scenarios and the plan for an orderly recovery for each scenario.
  • Define the recovery time objective or the maximum amount of time allowed between the disaster taking place and when normal operations and service levels are resumed. This will vary depending on what each business is willing to accept.
  • Location of backups.
  • Comprehensive off-site data backup procedures including the procedures for regularly testing backups.
  • The frequency at which backups are performed. Data should be backed up with enough frequency that any potential data loss is not deemed unacceptable to the business. If no more than 4 hours of data loss is acceptable for a particular application, then backups should be conducted for that application at least every 4 hours.
  • Clearly list the recovery priorities, i.e., the most critical business continuity systems that need to be up and running first.
  • List of software and systems that will be used to recover from the disaster and any useful/helpful information related to these.
  • Name and contact information for those who will be tasked with implementing and executing the DRP. Be specific in terms of who is responsible for identified tasks.  Backup personnel should also be clearly identified in case the individual in the first position to respond is unable to do so.
  • List any vendors that will be used in the disaster recovery efforts and how to get in contact with them.
  • Contact information for law enforcement, first responders, property managers, and other critical parties should be included.
  • Description of how communication with employees will occur.
  • Description of how communication with customers will occur.
  • Possible relocation site if work cannot be conducted in the normal business location and directions on how to get to the relocation site. Careful consideration should be given to the location of the alternate site since you don’t want to select a location that would also be impacted by the disaster.
  • Document history which includes dates the DRP was revised, what was revised, and by whom.

Download the DRP Checklist here.

 

Testing and Updating your DRP

Simply having a DRP is not enough. Testing the DRP in a simulated environment is vital to ensure the plan will work as intended. Testing is also beneficial to employees who will be tasked with implementing and executing the DRP because the more comfortable they are with executing the DRP, the smoother things will go in an actual emergency. The frequency of testing will vary based on the needs of your company but should occur at least twice per year. One thing to note is that having a test fail is not necessarily a bad thing because it will alert you to an issue that can be corrected ahead of an actual real disaster event.  

Once developed, written and tested, the DRP should be reviewed and approved by key members of upper management and any feedback from upper management should be incorporated into the DRP as deemed necessary.

A DRP is a living document and can’t just be developed and filed away. An outdated DRP is almost as bad as not having one at all. It is important to conduct risk assessments annually to consider new vulnerabilities that could impact the business and to take into consideration any new IT tools that can be used to further reduce downtime or make the business less vulnerable to disasters. Any changes made to the DRP should be tested, staff should be notified of the changes, and training materials should be updated. We live in a world of constant change and this requires key employees to update the DRP at least once a year.

Safeguarding your Business

All employees should know where to locate the DRP and have a copy available to them at all times. In the event of a disaster, employees need to clearly understand their roles and responsibilities and also know who to contact so that incident response can begin. Key employees who will play a role in the execution of the DRP should be given a hard copy and an electronic copy of the most recent DRP to be filed away in their homes or some other off-site location.  

In a competitive business environment, your company simply can’t afford the significant downtime and data loss which can lead to lost revenue, lost customers, and other significant expenses. While all disasters can’t be avoided, their impact can be minimized with an updated and tested DRP in place.

The implementation of the Tax Cuts and Jobs Act in late 2017 has significantly impacted the way companies depreciate their assets. If you own real estate or a business, or if you operate in the real estate or construction industries specifically, you need to learn more about the recent, potentially major changes to the depreciation and expensing rules for business assets.

Section 179

Section 179 of the IRS tax code allows businesses to deduct the purchase price of qualifying equipment and/or software purchased or financed during the tax year. For tax years beginning after December 31, 2017, the allowable IRC Section 179 deduction has almost doubled from $510,000 to $1 million. The maximum asset spending phaseout has also increased from $2.03 million to $2.5 million.

Under the former tax law, qualified improvement property was not eligible for Section 179. However, under the TCJA all leasehold improvements, provided they are made to the interior portion of nonresidential rental property after the building has been placed in service, will be eligible for immediate Section 179 expensing. Any improvements to a building’s interior qualify if they are not attributable to the enlargement of the building, any elevator or escalator, or the internal structural framework of the building. Before the TCJA passed, certain types of building improvements did not normally meet the definition of qualified improvement property because they are improvements made to a structural component of a building. However, under the TCJA the qualifying property for Section 179 expensing has been expanded to include the following improvements to non-residential real property: roofs, heating, ventilation, air conditioning, and fire/alarm protection systems.

Bonus Depreciation

Prior to the TCJA, bonus depreciation was limited to 50% of eligible new property. However, the TCJA reform extends and modifies bonus depreciation to allow businesses to immediately deduct 100% of eligible property placed in service after September 27, 2017 and before January 1, 2023. When 2023 hits, the amount of bonus depreciation will decrease by 20% per year until the end of 2026. Qualified improvement property, which now includes restaurant and retail improvements, as well as tenant and building improvements, has been added as eligible property. Eligible property has also been expanded to include used property, which is a significant and favorable change from previous bonus depreciation rules. Additionally, the TCJA eliminates the requirement that the original use of the qualified property must begin with the current taxpayer. This means that businesses can take bonus depreciation on assets that are acquired from a previous user, as long as the current taxpayer did not previously use the acquired property and the property was not acquired from a related party. The TCJA also added qualified film, television, and live theatrical productions as types of qualified property that are eligible for 100% bonus depreciation. In addition, there is no limit to asset spending in a given year and no limit on the deduction amount that can be taken.

Things to Remember

Businesses must keep in mind that not all states allow bonus depreciation, and therefore, the deduction may need to be added back to income on the respective state return(s). Also, businesses do not have the option to select specific items for the deduction. In a given year, taking bonus depreciation on one asset requires the company to take bonus depreciation on all assets that fall into that respective asset class.

Looking Ahead

The TCJA will help businesses with cash flow issues in particular, because it could potentially reduce their taxable income in the year of the deduction, therefore lowering their tax liability. However, even if your business is not experiencing cash flow issues the TCJA can still be a boon. The TCJA is the biggest tax overhaul since the Tax Reform Act of 1986 and these specific depreciation and expensing changes can have a profound effect on your business taxes. You do not want to miss an opportunity to expense 100% of certain assets and improvements, especially if you are in the real estate or construction industry.

To learn how you can achieve the greatest benefit for your business today, contact John J. Rainone, CPA/MBA, CCFIP at 401-921-200 or jrainone@disantopriest.com.

Have you noticed that we need passwords for just about everything these days? Passwords are required for everything from online banking, healthcare patient portals, work software applications, online credit card management, and shopping, to social media. With our personal and sensitive information residing in so many online locations, and an increasing number of hackers at work, strong password management is critical to protecting your online security. We’ve put together a list of some tips you can implement today to keep your login credentials as secure as possible.

Don’t write down your username and passwords

We’ve all done it ourselves or have seen others do it, such as keeping sticky notes with username and password information stuck to a monitor or kept under a keyboard. We’ve all been tempted at one point or another to manage our passwords this way, but it’s just a bad idea. It’s an insecure method for maintaining sensitive information; you don’t want anyone untrustworthy coming across this information and then using it. If you decide that you absolutely need to write your passwords down just to remember them all, we recommend you keep them locked in a secure location.

Use a password manager

Most people have numerous passwords for many accounts which can make it a challenge to keep them all straight and, quite frankly, remember them all. There are many secure password managers (such as 1Password, LastPass, and Dashlane) that can help you generate complex passwords as well as securely store all of them. Depending on the password manager selected, your encrypted password vault is kept either locally on your computer/device, or it is stored in the cloud. These password managers typically require you to remember one complex password to access the password manager. Your password manager is only as secure as the password you create for it, so you should select a long complex password or passphrase. There are many password managers available and they are becoming increasingly popular. We recommend you research the various types of password managers available and then discuss your options with an information technology professional to determine whether a password manager is right for you.

Be careful what you post on social media

Social media platforms are great for sharing personal information with friends, but they can also potentially expose your personal information to hackers. We love to post things about our favorite sports teams, our birthdays, our children’s birthdays, or share our pet’s name. It may seem harmless to share this information on social media, but hackers who are looking to crack passwords can look to these posts to help them figure out your passwords.

Use complex passwords or passphrases

Don’t use things that are widely known about you when selecting passwords. Also, avoid using common words and never incorporate your social security number into a password. The most secure passwords are comprised of special characters, upper case letters, lower case letters, and numbers.

Many people are starting to use a passphrase as their password. A passphrase can be something like, “My CPA is the best there is!!!” As you can see, a passphrase can be easy to remember, while also being more secure, as they incorporate spaces and are longer than the average password. As a rule, the longer (at least 12 characters) the password/passphrase and the more complex it is, the more secure it will be. Another positive of having a complex password/passphrase is that you won’t need to change the password as often.

Don’t use the same passwords or variations of the same password

Since it seems like we have passwords for everything, it can be tempting to use the same password for everything. This is not a best practice because once someone figures out your password, they can try to access your accounts on other websites that you frequent. If your passwords are the same, or very similar, it becomes all too easy for hackers to access your various accounts.

Change your passwords

The longer you keep your password the same, the higher the chances are that someone will be able to guess what it is. Also, if a hacker does discover your password, changing your password regularly prevents them from continuing to access your account. At a minimum, consider changing your passwords periodically for your more critical online accounts, such as online banking.

Don’t save passwords on your computer or electronic device when prompted

From time to time, while visiting a web page, you may be prompted to have the web browser save your login credentials for convenience reasons. While initially, it may seem like a great time-saving idea to have the computer or electronic device remember and autofill your login credentials, it is not a best practice. If a hacker accessed your computer or electronic device, they could very easily log in as you and access your personal/sensitive information. If login credentials are saved on your computer or electronic device, be sure to remove this information prior to disposing of, donating, or selling your computer or device.

Don’t let anyone watch you log into your accounts

Your login credentials should always be kept confidential. If people are around when you want to log into one of your accounts, wait until you are alone and in a secure environment before entering your login credentials.

Avoid using public computers

When accessing personal and sensitive information, use a device that you know and trust. When you utilize a public device, you have no way of knowing whether that device is truly secure. As an example, a public computer could have keylogger software installed on it which can monitor and record each keystroke typed on a keyboard and provide the information to a third party.

Use two-factor authentication when it is offered

With two-factor authentication, you need more than just a password to gain access to account information. It adds a second layer of security by combining something that you know (like a password) with something that you have (like a cell phone or ATM card) or something specific to only you (like a fingerprint or voice print). An example of two-factor authentication is an ATM. To access accounts at the ATM, you need your bank card as well as your PIN. Some banks are even using voice biometric technologies to verify user identity for added security. Due to the added layer of security that two-factor authentication provides, it is being offered more frequently and we recommend taking advantage of it whenever possible.

Identity theft and data breaches have become increasingly common in our data-driven world. Our personal and sensitive information is very valuable and a natural target for theft. By utilizing the above best practices, you will be well on your way to protecting yourself and preventing a hacker from targeting you.

If you have any questions or would like to discuss any of these security recommendations in more detail, please feel free to reach out to us.

Navigate the challenges affecting your business by browsing accounting white papers written by our experienced professional team of local CPAs.

Cryptocurrency has been around since 2008. However, it went from being generally unheard of by most to a frequent topic of household conversation within a few months.  At the end of 2017 and the beginning of 2018, there was daily news coverage regarding cryptocurrencies caused by the significant spike in prices (upwards of a thousand percent) that increased the wealth of many coin holders.

What is a cryptocurrency?

A cryptocurrency is an electronic currency that is designed to be exchanged for goods or services (i.e., Bitcoin, Ethereum, Litecoin, and Monero are some of the most popular).  Each “coin” can be “mined” utilizing the power of graphics cards to perform complex calculations to solve algorithms. Once a solution is found, a block (as in blockchain) is complete, and a coin is rewarded to the computer responsible for finding the answer.  These calculations are verifying that the data batched into a block is accurate. The new block is then sent to all other computer systems on the block-chain network. The block cannot be altered because all systems possess the same information. We discussed blockchain technology in Part 1 here.

How can we use cryptocurrency?

The first transaction ever recorded with Bitcoin was used to order pizza in exchange for 10,000 Bitcoins (BTC).  This was long before Bitcoin reached a value of over $19,000. However, ordering pizza is not the only thing we can use cryptocurrency for.

A valuable function created from cryptocurrencies is an immediate exchange of funds globally. Transfers can happen almost instantaneously. For example, $99 million worth of Lite Coin was moved in a single trade on April 23, 2018, and the transaction took about two minutes and thirty seconds to settle.  The associated fees for this transaction cost about 40 cents. This process is substantially cheaper than other means of transferring funds from one entity to another. Typical funds exchange services can charge 10% or more for the service and take several days to settle.  

Cryptocurrency trading has become quite popular recently and there are risks involved as with any other investment. Smartphone apps have been developed, including Coinbase, to act as an easy to use interface to trade a variety of cryptocurrencies.  Prices are known to be extremely volatile and various online exchanges have been compromised where investors lose all the cryptocurrencies that they own. The most important distinction regarding blockchain and cryptocurrencies is that, while the blockchain is not a hackable system, the exchanges and your computer that holds your coin can be. Investors must take the necessary precautions when dealing with this new opportunity.

Up next!

We discuss the taxation of cryptocurrency and how it can affect investors and miners in Part 3.

Part 1

Part 3

 

Blockchain – What is this new buzzword? I’ve heard colleagues, clients, and even politicians throwing it around, but according to Accounting Today, only 1% of today’s workforce considers themselves an expert. So why is it becoming such a hot topic? Who is it affecting? And what does it mean for your business? 

What is blockchain?

Blockchain is defined as “a digital database containing information (such as records of financial transactions) that can be simultaneously used and shared within a large decentralized, publicly accessible network” (Merriam-Webster definition). In other words, it’s a collection of transactions and data that is unchangeable and near-incorruptible.  This system is known as distributed ledger technology. Blockchain isn’t just about recordkeeping; it’s about how the records are both created and kept. Each transaction is called a block, and each block is recorded sequentially, creating a chain (hence the name). Transactions are created authentically with layers of verification that make it easy to track, trust, and store. The most well-known use of blockchain is through Bitcoin and other cryptocurrencies. But its application is so much more vast than that, and its potential future usage is far more significant than most people realize.

Who’s using it and how?

A considerable number of the big banks and technology companies around the world are starting to implement blockchain technology including J.P. Morgan Chase, IBM, and Microsoft to name a few. Beyond the big business applications, many startups are using this technology for everything from payment systems, to information sharing, smart contracts, and more. Even governments around the world are starting to invest in this technology; the Dubai government has plans to issue all government documents using blockchain by the year 2020. This global change and innovation is sure to have a huge impact on businesses large and small alike. A major sector where privacy is important is the medical field.  Blockchain is a solution where doctors, insurance companies, and hospitals can share patient medical files in real time if they are on the same network. The technology can maintain patient privacy while improving the quality of care received from a patient’s care provider.

Other thoughts

Is this technology safe?

Blockchain uses cryptography (secret code) which prevents records from being modified, altered, deleted, or destroyed. With this fast-paced electronic data stream, it makes it nearly impossible for a hacker to create an alternate chain more quickly than the actual valid chain.

The pace of technological change is continually accelerating. For example, as of the year 2000, the rate of technological progress was five times faster than the average rate of growth during the entire 20th century.

How can we help?

At DiSanto, Priest & Co. we’re keeping abreast of the latest technological innovations, including blockchain and its many applications. We understand that we live in a time of exponential technological advancement. With that rapid growth comes new rules and regulations for both tax and financial purposes. That’s where we come in! As your trusted advisor, we’re here to help you as we navigate through this new and exciting time.

 

Part 2

On Thursday, June 21, 2018, the U.S.  Supreme Court overturned its previous 1967 and 1992 rulings on two cases, National Bellas Hess vs. Illinois and Quill vs. North Dakota, that had upheld physical presence being required in a state before it could impose sales tax on purchases made by residents in their state.  In a 5 – 4 decision in Wayfair vs. South Dakota, the Supreme Court ruled in favor of the state authority to require online retailers to collect sales taxes without regard to physical presence in the state.

With this decision, states stand to gain much-needed tax revenues for their budget deficits. In addition, there may be even more significant cost consequences for small online retailers that do business in multiple states.

As part of the ruling in the 1992 Quill vs. North Dakota case, Congress was given ultimate power to resolve sales tax issues pertaining to interstate commerce.  Discussions surrounding the concept of an “internet sales tax” is not new. Each year, since 2010, legislation has been introduced that proposed a federal tax bill; however, to date, Congress has failed to pass any such legislation that would lend a sense of uniformity to sales tax regulations.

Now that states are being given the authority to pass their own legislation to impose sales tax on purchases from out-of-state retailers regardless of physical presence, and with the inevitable increased complexity that retailers will be forced to comply with, it is possible that Congress will be spurred to provide federal guidance surrounding applicability and compliance as a result of the ruling.

Read More at AP News

In our previous post, Authenticated Financial Information, we explored the need for a private company clearinghouse that can be used to protect and deliver trustworthy financial information. One of the ways firms and their business clients are utilizing a clearinghouse is for SOC report distribution – a process that is becoming more challenging to manage as an increased focus on third-party controls has led to a rise in requests for reports.

If you consider the way most service organizations distribute SOC reports today, you might think of basic methods like email and mail, often with no standardized process or central group managing it. Requests are often sent to various individuals at a service organization from different types of requestors. While convenient, these methods offer little in their ability to track where reports have been sent to and in verifying that the person requesting the report is qualified to receive it. What happens when there is a change or updated report available? How would the previous recipients be notified? What is the approval process? Are NDAs appropriately collected?

Aside from internal challenges, what about the customer experience? Providing customers with an easy, quick way to receive reports is important, but one should also consider if their distribution methods reflect a level of security and control that one would expect from an organization that has already undergone a SOC engagement.

RIVIO solves all these challenges and boasts a high level of user-friendliness for all parties. It puts a service organization in control over the distribution of their SOC reports while also keeping everything confidential and secure.

How does it work?

RIVIO Clearinghouse is a platform designed for three different users: CPA firms, businesses, and third-party users. It provides one location for each party to request, share, and verify information – all through a secure, accessible environment that has undergone all three SOC examinations, has received an ISO 27001 Certification for Service, TRUSTe Privacy Policy Certified, and EU-US Privacy Shield certified.

  1. Request: The platform offers a way for organizations to request SOC reports from their CPA firms and provides a way for customers to request reports from their service providers. When requests are issued, a notification is generated through the system and produces a link for the appropriate party to respond by uploading the SOC report.
  2. Share: SOC reports can be shared with individual customers or with groups through defined distribution lists. The platform tracks recipients of reports and also provides a way to recall information, should a report be updated.
  3. Verify: The platform has a validation process to confirm information came from an authentic source and has been unaltered.

Are you ready to take control of SOC report requests? Visit RIVIO.com to learn more.

There is a growing demand today for accurate, source-verified financial information. But, what is driving this demand? Users of audited financial statements, such as investors and lenders, have increased their focus on the authenticity of the information they receive. While technology has positively impacted the speed and accessibility of information, it has also had some negative impacts – creating new ways to alter and compromise information.

Unfortunately, there are plenty of instances of fraud occurring, either by altering information after it’s been reviewed by a CPA firm, completely falsifying an audited financial statement, or even creating a fictitious firm. Those committing these types of fraud have put the information that others provide under great scrutiny. How can those receiving the information be sure of its validity?

For public companies, this is avoided by use of EDGAR. However, for private companies, there hasn’t been a similar Clearinghouse until recently. CPA.com, an AICPA company, collaborated with Confirmation.com to develop RIVIO Clearinghouse to not only ensure that financial information provided by a CPA firm is protected, but also to provide a more efficient way for all parties to exchange information.

RIVIO provides an online platform that enables CPA firms to exchange information with their private business clients who can then share it out to any third parties that may need this information. It streamlines and controls the process while also ensuring that third parties receive authenticated financial information. For private businesses, it brings more trust to the information provided to third parties and facilitates a more efficient manner for exchanging information.

This cutting-edge solution is a gamechanger for CPA firms and their private business clients, and it is rapidly gaining market acceptance. In a time where it is becoming more challenging to control and protect information, RIVIO is positioned to meet the growing need for authenticated information.

Learn more at RIVIO.com

We receive regular checkups to monitor, maintain, and improve our health. But did you know that you should do the same for your company?  Financial statements provide the vital statistics necessary to track a company’s health. Investors use financial statements to research potential investments, bankers base lending decisions on a company’s financial statements, and valuation experts utilize financial statements to determine a company’s worth. By routinely scrutinizing your financial statements, you can monitor and improve your company’s performance and, ultimately, its value.

A comprehensive financial analysis employs ratios to measure a company’s past and current operations, allowing you to compare its results to others in its industry. This type of review offers insight into the historical growth, profitability, debt capacity, and overall liquidity of the subject company in the context of its industry. All such factors can be important indicators of a company’s ultimate value and provide useful information to business owners and managers who want to more effectively and efficiently manage their operations.

You can perform your own financial checkup for your business. To begin, obtain a history of your company’s financial statements; five years’ worth is usually a good base. Next, convert the financial statements to common size. Common size financial statements are simply your company’s financials expressed in the form of percentages rather than dollars. A common size format readily identifies trends and growth patterns. Additionally, since industry benchmark data is often produced in this format, it makes it easier to compare your results with the competition. Industry benchmark information can be obtained from a commercial vendor, your accountant, or, depending upon the industry, from trade associations.

Next, financial ratios are calculated. There are a number of ratios to choose from – some of the more common ratios measure liquidity, debt coverage, leverage, and operating and profit performance. Their relevance is dependent upon your company, its operating characteristics, and the industry. Bankers and accountants can be especially useful in identifying the more pertinent ratios.

The information gathered thus far is analyzed and compiled on a trended, composite, and industry basis. The results of this analysis, when performed regularly, help you to monitor and recognize the vital statistics necessary to maintain the success and growth of your business. The benefits of this assessment include:

Competitive Advantages & Disadvantages

An industry assessment enables you to identify your company’s strengths and weaknesses and acquire valuable information on the competition.

Budgeting & Forecasting

Studying trends and growth patterns is a very effective preliminary step in preparing internal budgets and forecasts.

Strategic Planning

Recognizing specific performance measurements (company and industry) will help to set goals and objectives for the future (e.g. increasing sales, gross profit margins, and net income).

Acquisition Opportunities

Knowledge of key performance measurements assists in the evaluation of a proposed sale, merger, or acquisition.

Focus

Greater awareness of the interrelationship of the financial statements and a complete understanding of financial operations allows you to focus on the areas important to the growth and success of your business.

Regardless of whether you perform, or your accountant performs, a financial analysis is akin to your annual physical examination…it is crucial to understanding your company’s health – past, present, and future.

 

Our partner, Leah Szlatenyi, directs the Bentley Consulting Group, LLC and has over 25 years of tax, financial advisory, and business consulting experience. As a former member of the American Institute of Certified Public Accountants’ (AICPA) National Business Valuation Committee, Leah has extensive knowledge in the evaluation of an organization’s financial health, business planning and forecasting, and strategic implementation.

error: