What You Need to Know Before Upgrading Your Operating System

Mike ArvidsonBy: Mike Arvidson

By now, everyone should be aware that Windows XP is an unsupported, unsafe operating system for business and personal use in 2016. Perhaps lesser known is that Windows 7, XP’s rightful heir in many organizations, entered end of mainstream support last year. In fact, all support options for Windows 7 from Microsoft have expired except for extended support — offered through January 2020 — which only offers security updates, pay-per-incident system support, and access to Microsoft’s Knowledge Base resources.

With this in mind, many organizations today need to be considering their OS contingency plan. After all, 2020 is not far off.

Those businesses aiming to be proactive with their OS migration may also be interested to know that Microsoft’s free upgrade offer for Windows 10 expires on July 29, 2016.

Now, not every organization will have access to the free offer; Windows 7 and 8/8.1 Professional editions are eligible, but Enterprise versions are not. Whether or not your business is able to take advantage of the free upgrade depends on your particular Windows licensing agreement. As a general rule, if your business purchases your software licenses as you add PCs, you should have the ability to upgrade for free. If, however, your organization practices volume licensing, you will likely not be eligible. Check out Microsoft’s FAQs resource for more information on upgrade qualifications.

Regardless of if you can upgrade for free, Windows 10 is a practical and proven platform for businesses today, particularly for those organizations already operating on the Windows platform.

There are, of course, key considerations when weighing a move to a new operating system — Windows 10 or otherwise. To help, we’ve compiled our list of the priority questions to be asking internally to ensure your environment is prepared for an upgrade.

Key Considerations

  • Will your current hardware meet or exceed the new operating system requirements?

RESOURCE | Windows 10 Specifications

  • Do your line of business (LOB) applications work on the new OS? Does the vendor for each business-critical application confirm that they will support their application on that operating system?
  • Does your current endpoint protection software — antivirus, et al. — operate on the new system?
  • For Windows 10 upgrades in particular, are there any web based applications you use and do they support Microsoft Edge or Internet Explorer 11? Are there any browser plugins that need to be supported by a newer edition of IE?

READ ON for the final three questions to ask before upgrading your business’ OS and gain some helpful tips for moving forward.

Is Your Data Secure?

By: Karen Jesskaren Jess

While most nonprofits are exempt from taxes, they are not exempt from hackers targeting their data. Many nonprofit systems are easier to hack than those in the commercial sector. Hackers can take over your website and even your computers. A cyber attack can shut down your website for weeks and donor information, names of clients receiving aid, payroll records and other forms of data may be at risk. Hackers can then sell personal information to underground markets.

In February 2015, the National Center for Charitable Statistics (NCCS) was hacked. The NCCA uses its base of 990s to analyze trends in the nonprofit sector. An estimated 740,000 records including usernames, passwords, IP addresses and other account data were accessed by the hackers.

There are many steps that a nonprofit can take to protect their data and increase security. The National Council of Nonprofits published an article titled Feeling Insecure About Security? Protecting Your Nonprofit’s Data Is Not Rocket Science which details practical steps nonprofits can take to protect their most important data.

If you think your data is secure, think again. Hackers are continually looking for new ways to get at your information. It’s what they do.

New Internal Control Requirements under Uniform Guidance

Stacey Nelson

By: Stacey Nelson

Under Uniform Guidance, non-federal entities are required to implement the new administrative requirements and Cost Principles for all new federal awards. The updated federal regulations can be found here. A primary emphasis under Uniform Guidance is the increased focus on internal controls, and one of the biggest challenges facing many organizations is the change in the requirement to document the organization’s internal controls.

2 CFR 200.303 states the entity must establish and maintain effective internal control over the Federal award that provides reasonable assurance that the entity is managing the Federal award in compliance with Federal statutes, regulations and terms and conditions of the Federal award. While not seemingly a significant departure from the previous requirement, the regulations specifically require written procedures to ensure compliance with cash management requirements and allowable costs and also written standards of conduct addressing conflicts of interest and individuals engaged in procurement decisions.

Though the guidance specifies only these areas to be documented in writing, best practices are to maintain written documentation of the internal controls over all compliance requirements applicable to the organizations Federal awards. Section 200.303 of the Uniform Guidance suggests using the Standards for Internal Control in the Federal Government (Green Book) or the Internal Control Integrated Framework (COSO) as guidance to be followed when designing and implementing your internal control procedures.

Documenting your controls may seem like a tedious task, however, due to the increased emphasis under the new Uniform Guidance rules, it is one that you can’t afford to ignore. Please contact your Eide Bailly service provider with any questions you may have.

Fraud: Current Trends & Information

Jeremy BenewaldBy: Jeremy Bendewald

Trillions of dollars of revenue worldwide is lost due to fraud. According to the Association of Certified Fraud Examiners 2016 Report to the Nations on Occupational Fraud and Abuse, 5 percent of annual revenues are lost to fraud–that is $3.7 trillion worldwide. While the median loss was $150,000, 23 percent of cases involved losses of greater than $1 million. Typically, smaller organizations suffer the larger losses. It is important to be aware of the current trends in fraud so your company can avoid occupational fraud and abuse.

In 83 percent of fraud cases, the fraud involved asset misappropriation. Most frequently victimized were private companies and those in the banking and financial services industry. While employees were typically the perpetrators, owners and executives were the ones who generated the largest fraud losses. The primary weakness in many of these cases was lack of internal controls.

An example of poor controls in a small business can be seen in an actual fraud examination performed by Eide Bailly. The bookkeeper for a tile company was responsible for daily tasks including collecting sales receipts, completing deposit slips and making deposits. After a period of time, the bookkeeper began to remove checks and hid them in her desk. Later, when the daily sales included an amount of cash that matched one or several of the checks which had been set aside,the bookkeeper exchanged the cash for checks and made the daily deposit. No one in the company was aware the cash was missing until it was discovered revenue numbers would not reconcile. By the end of the scheme, the business lost more than $150,000.

Some simple controls could have prevented this scheme. Click here to learn more about business considerations

Evaluating the Auditor Relationship

By: Peggy JenningsPeggy Jennings

Nonprofit organizations, much like public companies, rely on their external audit firm to perform a quality engagement. The audit committee plays a critical role in the governance of nonprofit organizations and one of the tasks assigned to this group is the evaluation of the audit firm.

The AICPA’s Audit Committee Toolkit for Not-for-Profit Entities (3rd Edition) contains a chapter devoted to the evaluation of the audit firm, including the following excerpts of considerations:

Quality of Resources and Services: Does the audit team identify and discuss appropriate risks in planning the audit?

Quality of Communications: Is the auditor comfortable raising issues that would reflect negatively on management?

Independence and Objectivity: Are you confident that the audit team maintains appropriate objectivity and professional skepticism?

Questions for Management: Are you satisfied with the knowledge, skills and abilities of the staff assigned to the audit engagement?

These queries, and many more, can be found in the Toolkit referenced above. If you don’t have access to this valuable document, consider joining the AICPA’s Not-for-Profit Section where you can find resources devoted to assurance, financial accounting & reporting, governance & management and tax compliance.

As always, feel free to contact Eide Bailly with any questions regarding this topic!

How Audits Should Work

By: Tim McCutcheonTimMccutcheon

Audit time doesn’t have to be all that stressful. Honestly. What follows is a solution to ensure the most zen-like audit you’ve ever experienced.

Start by adopting the right mind-set so that your thoughts, which rule your actions, match the underlying reality of the audit cycle and the way audits actually get done. Stephen Covey, best-selling author of The 7 Habits of Highly Effective People, suggested we all should ask ourselves the question, “Is real life more like school, or the farm?” At school, it’s sometimes possible to slack off for a while, then cram the night before the exam, and still get by with a passing grade. Does that work on the farmto slack offthen at the last minute till the soil, plant the seeds, water the plants, pull the weeds, and grow the crops the night before the harvest?

Well, duh. Of course not. So why this comparison? Because the audit engagement is like the farm. The lesson is that you can reduce, if not eliminate, audit stress by being the farmer, tending your crops throughout the year so that when harvest time arrives, you are ready to enjoy the bountiful fruits of your labor.

For the ABC steps you can take to get the most from your audit with the least stress read the full article here