En
Pt
Es
De
At
Sl
be-nl
be-fr
Ro
It
Digital Competency Maturity Model (DCMM™)
What institute are you a member of?
-- Select --
Albanian Institute of Authorized Chartered Auditors - IEKA
Austrian Chamber of Tax Advisors and Public Accountants – KSW
Association of Chartered Certified Accountants - ACCA
Association of Professional Financial Managers of Azerbaijan – APFM
Camera Auditorilor Financiari din România - CAFR
Chamber of Accountant Services (GZS - Zbornica racunovodskih servisov)
Chamber of Auditors of Azerbaijan Republic - CAAR
Consejo General de Economistas - CGE
Deutscher Steuerberaterverband e.V. - DStV
Institute for Tax Advisors and Accountants - ITAA
Nederlandse Beroepsorganisatie van Accountants – NBA
Ordem dos Contabilistas Certificados - OCC
Society of Certified Accountants and Auditors of Kosovo - SCAAK
South African Institute of Professional Accountants - SAIPA
The Institute of Certified Public Accountants in Ireland - CPA Ireland
Wirtschaftsprüferkammer KöR - WPK
The Institute of Chartered Accountants of Bangladesh
The Institute of Cost and Management Accountants of Bangladesh
The Institute of Chartered Accountants of India
The Institute of Cost Accountants of India
The Institute of Chartered Accountants of Nepal
Institute of Chartered Accountants of Pakistan
The Institute of Cost and Management Accountants of Pakistan
The Institute of Chartered Accountants of Sri Lanka
The Institute of Certified Management Accountants of Sri Lanka
The Certified Professional Accountants of Afghanistan
Other
Please specify :
In what country is your practice located?
-- Select --
Afghanistan
Albania
Algeria
Andorra
Angola
Antigua and Barbuda
Argentina
Armenia
Australia
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belgium
Belize
Benin
Bhutan
Bolivia
Bosnia and Herzegovina
Botswana
Brazil
Brunei
Bulgaria
Burkina Faso
Burma
Burundi
Cambodia
Cameroon
Canada
Cape Verde
Central African Republic
Chad
Chile
China
Colombia
Comoros
Costa Rica
Croatia
Cuba
Cyprus
Czech Republic
Democratic Republic of the Congo
Denmark
Djibouti
Dominica
Dominican Republic
East Timor
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Ethiopia
Fiji
Finland
France
Gabon
Gambia
Georgia
Germany
Ghana
Greece
Grenada
Guatemala
Guinea
Guinea-Bissau
Guyana
Haiti
Honduras
Hungary
Iceland
India
Indonesia
Iran
Iraq
Ireland
Israel
Italy
Ivory Coast
Jamaica
Japan
Jordan
Kazakhstan
Kenya
Kiribati
Kuwait
Kyrgyzstan
Laos
Latvia
Lebanon
Lesotho
Liberia
Libya
Liechtenstein
Lithuania
Luxembourg
Macedonia
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Mauritania
Mauritius
Mexico
Micronesia
Moldova
Monaco
Mongolia
Montenegro
Morocco
Mozambique
Namibia
Nauru
Nepal
Netherlands
New Zealand
Nicaragua
Niger
Nigeria
North Korea
Norway
Oman
Pakistan
Palau
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Poland
Portugal
Qatar
Romania
Russia
Rwanda
Saint Kitts and Nevis
Saint Lucia
Saint Vincent and the Grenadines
Samoa
San Marino
Sao Tome and Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Singapore
Slovakia
Slovenia
Solomon Islands
Somalia
South Africa
South Korea
South Sudan
Spain
Sri Lanka
Sudan
Suriname
Swaziland
Sweden
Switzerland
Syria
Tajikistan
Tanzania
Thailand
Togo
Tonga
Trinidad and Tobago
Tunisia
Turkey
Turkmenistan
Tuvalu
Uganda
Ukraine
United Arab Emirates
United Kingdom
United States
Uruguay
Uzbekistan
Vanuatu
Venezuela
Vietnam
Yemen
Zambia
Zimbabwe
What is the size of your practice?
-- Select --
Sole practitioner
2-5 partners & staff
6-10 partners & staff
11-20 partners & staff
21 or more partners & staff
Start here
Scroll down to continue
Digital Competency Maturity Rating
Start here
Resposta exigida
I am an Accountant
I am an Auditor
I am a sole practitioner
Section A
Section B
Section C1
Section C2
Digital Competency Maturity Rating
The level of automation of the Firms internal processes
1.1
1.1 Managing Digital Identity
The firm
Resposta exigida
No
0
Yes
1
i. Has a registered domain name
No
Yes
ii. Uses a corporate domain ID for mails
No
Yes
iii. Has a verified social media presence
No
Yes
1.2
1.2 Operational Process automation
The firm has Automated
Resposta exigida
No
0
Yes
1
i. Attendance system / time management
No
Yes
ii. Leave management system / vacation management
No
Yes
iii. Mobile device (smartphones, laptops, PDAs, etc.) tracking
No
Yes
iv. Internal communication - chats / instant messaging systems
No
Yes
v. Centralised file storage system / server / Cloud (hardware infrastructure, Dropbox, Google Drive, etc)
No
Yes
vi. Internal work flow and documentation is managed on a digital work flow management system (internal procedures, for example anti-money laundering obligations)
No
Yes
vii. Electronic database pertaining to clients and services rendered maintained and updated (for example, CRM, billing, digital practice management tools, digital follow up on tasks, deliverables)
No
Yes
viii. Use of a digital document archive (that is, document management system replacing paper storage)
No
Yes
1.3
1.3 High Availability / Backup Availability & Restore
Resposta exigida
No
0
Yes
1
Data back-up is an automated process on the cloud / off-line at a different location and is tested periodically
No
Yes
1.4
1.4 Mobile Devices Data Security
Mobile devices and laptops:
Resposta exigida
No
0
Yes
1
i. Are secured through drive encryption
No
Yes
ii. Have end point security deployed - anti-malware solutions
No
Yes
iii. Can be remotely backed-up / content wiped off in case of loss of device (that is, mobile device management)
No
Yes
1.5
1.5 Data Security
Resposta exigida
No
0
Yes
1
i. Critical communications are digitally secured (either through digital signatures or passwords / other mechanism)
No
Yes
ii. Access to internet is restricted on need only basis and use of datacards is also routed through corporate firewalls
No
Yes
iii. Firm has deployed end-point security on all desktops (including access control)
No
Yes
1.6
1.6 Electronic Payments
Resposta exigida
No
0
Yes
1
The firm's financial transactions beyond a certain threshold are made through electronic means using multi-factor authentication from designated devices only
No
Yes
1.7
1.7 Copyright and Licenses
Resposta exigida
No
0
Yes
1
Software deployed are backed by appropriate licenses and inventory of licenses are maintained
No
Yes
1.8
1.8 Digital Media for Communication
Resposta exigida
No
0
Yes
1
i. Internal employee portal (that is, intranet) is maintained with updated content relating to firm's work programs, checklists, sample representation letters, etc.
No
Yes
ii. E-newsletter is published for staff and knowledge updates are available on portal
No
Yes
iii. Staff feedback and evaluation is done online through a portal
No
Yes
iv. Mail server is managed in-house / third party service provider with scheduled back-ups / vaulting options enabled to retain emails for defined period of time
No
Yes
v. A collaboration platform is in place (internal or external)
No
Yes
1.9
1.9 Protecting Personal Data and Privacy
Resposta exigida
No
0
Yes
1
i. Staff related personal information / HR data in electronic form is secured from unauthorised access
No
Yes
ii. Staff are sensitised on due care to be taken relating to sharing client specific information
No
Yes
iii. The firm is compliant with GDPR
No
Yes
1.10
1.10 Online Scans for Content About the Firm
Resposta exigida
No
0
Yes
1
i. Does the firm conduct, either through a third party or on its own, a scan of online content (of social media, general media, etc.) to track any news about the firm and its staff
No
Yes
1.11
1.11 External Validation / Certification
Resposta exigida
No
0
Yes
1
Is the firm subject to external validation / certifications such as ISO 27001 etc.
No
Yes
Resposta exigida
Digital Competency Maturity Rating
Availability of qualified resource pool and talent development relating to digital competencies
2.1
2.1 Skilled Resource for Managing Internal IT infrastructure
Does the firm have trained/qualified
Resposta exigida
No
0
Yes
1
i. System administrators or, in case of cloud deployment, cloud administrators
No
Yes
ii. Agreement with service providers for desktop support, hardware maintenance/Advanced Management Controls systems (AMCs )
No
Yes
2.2
2.2 Training / Skills of Staff Related to Office Automation
What proportion of the firm's staff are formally trained / skilled in
Resposta exigida
0 to 30% of the staff
0
30% to 60% of the staff
1
Above 60% of the staff
2
i. Word processing software skills
ii. Spreadsheet software skills
iii. Database / data analytics skills
iv. Presentation skills
v. Email and internet skills
vi. Use of automated work-flow systems
Note: Each staff will be counted only once- i.e same staff possessing 2 skills cannot be counted twice.
0 to 30% of the staff
30% to 60% of the staff
Above 60% of the staff
2.3
2.3 Skills Related to Audit in a Computerised Environment /
Information Systems Audit
Resposta exigida
No
0
Yes
2
Do any staff members possess one or more relevant digital qualifications (for example, Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Fraud Examiner (CFE), ISO 27001 Lead Implementer)
No
Yes
2.4
2.4 Digital Etiquette
Resposta exigida
No
0
Yes
1
Does the firm provide its staff with training on drafting email responses / any other form of digital (and / or social) communication factoring cultural and generational diversity of the client / recipients (that is, how to communicate, address messages, etc.)
No
Yes
2.5
2.5 Protecting Against Digital Threats - Does the firm sensitise its staff on issues like:
Resposta exigida
No
0
Yes
1
i. Cyber bullying
ii. Phishing attacks/spear phishing attacks targeting key staff
iii. Malware threat indicators
No
Yes
2.6
2.6 Content Delivery Through Digital Platforms
Resposta exigida
No
0
Yes
1
i. Does the firm have an online/on-demand learning portal which staff can access remotely
No
Yes
ii. Are at least 50% of the total Continuing Professional Development (CPD)s / training sessions through webinars/podcasts are attended on an average
No
Yes
iii. Has the firm subscribed to any digital learning platforms for skill development of its staff
No
Yes
2.7
2.7 Access to Knowledge Base, Content Search Online and Evaluating Content Prior to Use
Resposta exigida
No
0
Yes
1
i. Access to business knowledge database, market drivers and technology relevant to the industry in which clients operate
No
Yes
ii. Are staff trained formally on content searches related to work and how to identify authenticity of the source (for example, of case laws, using audit checklists, etc.)
No
Yes
iii. Are staff trained on what online content can be legally re-used without Intellectual property infringements
No
Yes
2.8
2.8 Creative Use of Digital Technologies
Resposta exigida
No
0
Yes
1
Are staff encouraged to put IT to creative use (for example, building an app for statutory due date alerts and professional updates alerts or automating a routine function)
No
Yes
Resposta exigida
Digital Competency Maturity Rating
Level of automation relating to audit processes and nature of audit services being rendered
3.1
3.1 Use of Automated Audit Software
Does the firm uses any application software/tool for
Resposta exigida
No
0
Yes
1
i. Audit planning including scheduling, resource deployment, tracking actual time spent versus budgeted time, etc.
No
Yes
ii. Audit documentation
No
Yes
iii. Audit reporting
No
Yes
iv. Data extraction, sampling (for example, Benford¿s law, relative size factor (RSF), etc.), analytics etc. (for example, ACL, IDEA etc.)
No
Yes
v. Are the software / tools being used cloud-based with secure access provided to staff members and facility to collaborate with digital sign off, etc.
No
Yes
3.2
3.2 Use of External Automated Audit Tools for Data Extraction, Sampling, Analytics, etc.
Resposta exigida
No
0
Yes
1
i. Are audit staff adequately trained in using the tools and interpretation of results thereof
No
Yes
ii. Are audit staff trained on identifying, obtaining and analysing and retaining relevant digital evidence pertaining to their audit work?
No
Yes
iii. Are there situations where client¿s core processes are fully automated but the firm continues to use manual audit techniques rather than system driven reviews?
No
Yes
3.3
3.3 Use of In-built Audit Tools / Capabilities in Client Side
Applications like ERPs
Resposta exigida
No
0
Yes
1
Has the firm used in-built audit capabilities in client applications (for example, Audit Management Module in SAP, Oracle Financials, audit features in Tally, etc.)
No
Yes
3.4
3.4 Design of Application Level Controls
Resposta exigida
No
0
Yes
1
Has the firm participated in the application design stage for any client in order to suggest internal controls to be built into software they propose to develop / use (for example, maker checker controls, segregation of duties, audit logs, etc. in financial software like accounting, payroll, inventory management, etc.)
No
Yes
3.5
3.5 Carrying out Risk Assessment for Purpose of Audit Planning
Resposta exigida
No
0
Yes
1
Does the firm have a process of reviewing IT controls and the risk of their failure in relation to the impact on audit planning including, but not limited to, audit sample size selection, focus areas of audit, etc.
No
Yes
3.6
3.6 Information Systems Related Audits/Reviews
Has the firm carried out audits relating to:
Resposta exigida
No
0
Yes
1
i. IT Security / General Control Reviews
No
Yes
ii. Financial fraud investigation involving digital forensic reviews
No
Yes
iii. Application Security Audits
No
Yes
iv. Technical reviews (for example, vulnerability assessments, web application security testing, etc.)
No
Yes
v. ISO 27001: 2013 reviews
No
Yes
Resposta exigida
Digital Competency Maturity Rating
Level of automation relating to accounting processes and nature of accounting services being rendered
4.1
4.1 Use of Automated Work Planning Software
Resposta exigida
No
0
Yes
1
i. Does the firm uses any application software / tool for work planning including scheduling, resource deployment, tracking actual time spent versus budgeted time, etc.
No
Yes
ii. Are the software / tools being used cloud-based with secure access provided to staff members and facility to collaborate with digital sign off, etc.
No
Yes
4.2
4.2 Client Accounting Services (including Bookkeeping):
Resposta exigida
No
0
Yes
1
i. Does the firm have an accounting package software in the cloud?
No
Yes
ii. Are financial transactions being imported from files and / or from direct links with financial institutions
No
Yes
iii. Are purchase invoices and / or sales invoices being processed digitally (for example, scanning, OCR, etc.)
No
Yes
iv. Are there any import / export processing of data through Standard Audit File for Tax Purposes (SAFT) for financial statement preparation and presentation and related tax return filing and submitting purposes?
No
Yes
4.3
4.3 Use of In-built Data Logic / Validation Tools / Capabilities
in Client Side Applications like ERPs
Resposta exigida
No
0
Yes
1
Has the firm used in-built data logic / validation capabilities in client
No
Yes
4.4
4.4 Design of Application Level Controls
Resposta exigida
No
0
Yes
1
Has the firm participated in the application design stage for any client in order to suggest accounting policy, procedures and records to be built into software they propose to develop / use (for example, financial software like accounting, payroll, inventory management, etc.)
No
Yes
4.5
4.5 Compliance Work
Resposta exigida
No
0
Yes
1
i. Are the working papers (that is, closing file documentation, checklists, etc.) completely digital maintained
No
Yes
ii. Financial statements and Tax filings are prepared through specialised software
No
Yes
4.6
4.6 Information Systems Related Checks / Reviews
Has the firm carried out checks and reports relating to:
Resposta exigida
No
0
Yes
1
i. IT Security / General Control Reviews
No
Yes
ii. Financial fraud investigation involving digital forensic reviews
No
Yes
iii. Application Security Audits
No
Yes
iv. Technical reviews (for example, vulnerability assessments, web application security testing, etc.)
No
Yes
v. ISO 27001: 2013 reviews
No
Yes
Resposta exigida
« Previous section
Next section »
Verification code
Resposta exigida
I approve the use of my response data for benchmarking purposes. EFAA guarantees anonymity of your response.
Resposta exigida
En 
Pt 
Es 
De 
At 
Sl 
be-nl 
be-fr 
Ro
It