A new white paper from two leading industry organizations delves into the risks of blockchain technology for accounting, informational technology (IT), and auditing professionals.
The paper – Blockchain Risk: Considerations for Professionals – was developed by the Association of International Certified Professional Accountants and Chartered Institute of Management Accountants (AICPA & CIMA) along with the Information Systems Audit and Control Association (ISACA).
The paper outlines the specific risks related to blockchain implementation and operation. It is organized by five key domains—governance, infrastructure, data, key management, and smart contracts.
“Many enterprises are eager to harness the power of blockchain to transform their businesses or operations,” Dustin Brewer, ISACA senior director, emerging technology and innovation, and member of the ISACA-AICPA & CIMA Joint Blockchain Working Group, said. “While there are great benefits to using blockchain, practitioners should ensure they fully understand all types of risk to avoid potentially exposing their business to vulnerabilities, attack vectors or other issues before implementing—or even retroactively, if needed.”
The white paper emphasizes that a broad array of practitioners, including CPAs, IT auditors, cybersecurity professionals, and those in management roles, should gain an understanding of blockchain risks, including:
“It is important for any entity using blockchain technology to understand that there are unique risks in this space, and it is imperative to identify those risks quickly,” Diana Krupica, CPA, AICPA & CIMA lead manager, emerging assurance technologies assurance and advisory innovation, said. “Using a resource such as this risk matrix means entities will be alerted to issues in order to design the necessary processes and controls to mitigate such risks and enable success.”