Skip to Main Content

insightsarticles

Perspectives of an
Ex-CIO

05.24.19

Focus on the people: How higher ed institutions can successfully make an ERP system change

The enterprise resource planning (ERP) system is the heart of an institution’s business, maintaining all aspects of day-to-day operations, from student registration to staff payroll. Many institutions have used the same ERP systems for decades and face challenges to meet the changing demands of staff and students. As new ERP vendors enter the marketplace with new features and functionality, institutions are considering a change. Some things to consider:

  1. Don’t just focus on the technology and make change management an afterthought. Transitioning to a new ERP system takes considerable effort, and has the potential to go horribly wrong if sponsorship, good planning, and communication channels are not in place. The new technology is the easy part of a transition—the primary challenge is often rooted in people’s natural resistance to change.  
  2. Overcoming resistance to change requires a thoughtful and intentional approach that focuses on change at the individual level. Understanding this helps leadership focus their attention and energy to best raise awareness and desire for the change.
  3. One effective tool that provides a good framework for successful change is the Prosci ADKAR® model. This framework has five distinct phases that align with ERP change:

These phases provide an approach for developing activities for change management, preparing leadership to lead and sponsor change and supporting employees through the implementation of the change.

The three essential steps to leveraging this framework:

  1. Perform a baseline assessment to establish an understanding of how ready the organization is for an ERP change
  2. Provide sponsorship, training, and communication to drive employee adoption
  3. Prepare and support activities to implement, celebrate, and sustain participation throughout the ERP transition

Following this approach with a change management framework such as the Prosci ADKAR® model can help an organization prepare, guide, and adopt ERP change more easily and successfully. 

If you’re considering a change, but need to prepare your institution for a healthy ERP transition using change management, chart yourself on this ADKAR framework—what is your organization’s change readiness? Do you have appropriate buy-in? What problems will you face?

You now know that this framework can help your changes stick, and have an idea of where you might face resistance. We’re certified Prosci ADKAR® practitioners and have experience guiding Higher Ed leaders like you through these steps. Get in touch—we’re happy to help and have the experience and training to back it up. Please contact the team with any questions you may have.

1Prosci ADKAR®from http://www.prosci.com

Related Industries

Related Services

Read this if you are a CIO, CFO, Provost, or President at a higher education institution.

In my conversations with CIO friends over the past weeks, it is obvious that the COVID-19 pandemic has forced a lot of change for institutions. Information technology is the underlying foundation for supporting much of this change, and as such, IT leaders face a variety of new demands now and into the future. Here are important considerations going forward.

Swift impact to IT and rapid response

The COVID-19 pandemic has had a significant impact on higher education. At the onset of this pandemic, institutions found themselves quickly pivoting to work from home (WFH), moving to remote campus operations, remote instruction within a few weeks, and in some cases, a few days. Most CIOs I spoke with indicated that they were prepared, to some extent, thanks to Cloud services and online class offerings already in place—it was mostly a matter of scaling the services across the entire campus and being prepared for returning students and faculty on the heels of an extended spring break.

Services that were not in place required creative and rapid deployment to meet the new demand. For example, one CIO mentioned the capability to have staff accept calls from home. The need for softphones to accommodate student service and helpdesk calls at staff homes required rapid purchase, deployment, and training.

Most institutions have laptop loan programs in place but not scaled to the size needed during this pandemic. Students who choose to attend college on campus are now forced to attend school from home and may not have the technology they need. The need for laptop loans increased significantly. Some institutions purchased and shipped laptops directly to students’ homes. 

CIO insights about people

CIOs shared seeing positive outcomes with their staff. Almost all of the CIOs I spoke with mentioned how the pandemic has spawned creativity and problem solving across their organizations. In some cases, past staffing challenges were put on hold as managers and staff have stepped up and engaged constructively. Some other positive changes shared by CIOs:

  • Communication has improved—a more intentional exchange, a greater sense of urgency, and problem solving have created opportunities for staff to get engaged during video calls.
  • Teams focusing on high priority initiatives and fewer projects have yielded successful results. 
  • People feel a stronger connection with each other because they are uniting behind a common purpose.

Perhaps this has reduced the noise that most staff seem to hear daily about competing priorities and incoming requests that seem to never end.

Key considerations and a framework for IT leaders 

It is too early to fully understand the impact on IT during this phase of the pandemic. However, we are beginning to see budgetary concerns that will impact all institutions in some way. As campuses work to get their budgets settled, cuts could affect most departments—IT included. In light of the increased demand for technology, cuts could be less than anticipated to help ensure critical services and support are uninterrupted. Other future impacts to IT will likely include:

  • Support for a longer term WFH model and hybrid options
  • Opportunities for greater efficiencies and possible collaborative agreements between institutions to reduce costs
  • Increased budgets for online services, licenses, and technologies
  • Need for remote helpdesk support, library services, and staffing
  • Increased training needs for collaborative and instructional software
  • Increased need for change management to help support and engage staff in the new ways of providing services and support
  • Re-evaluation of organizational structure and roles to right-size and refocus positions in a more virtual environment
  • Security and risk management implications with remote workers
    • Accessibility to systems and classes 

IT leaders should examine these potential changes over the next three to nine months using a phased approach. The diagram below describes two phases of impact and areas of focus for consideration. 

Higher Education IT Leadership Phases

As IT leaders continue to support their institutions through these phases, focusing on meeting the needs of faculty, staff, and students will be key in the success of their institutions. Over time, as IT leaders move from surviving to thriving, they will have opportunities to be strategic and create new ways of supporting teaching and learning. While it remains to be seen what the future holds, change is here. 

How prepared are you to support your institution? 

If we can help you navigate through these phases, have perspective to share, or any questions, please contact us. We’re here to help.

Article
COVID-19: Key considerations for IT leaders in Higher Ed

Editor’s note: If you are a higher education CFO, CIO, CTO or other C-suite leader, this blog is for you.

The Gramm-Leach-Bliley Act (GLBA) has been in the news recently as the Federal Trade Commission (FTC) has agreed to extend a deadline for public comment regarding proposed changes to the Safeguards Rule. Here’s what you need to know.

GLBA, also known as the Financial Modernization Act, is a 1999 federal law providing rules to financial institutions for protecting consumer information. Colleges and universities fall under this act because they conduct financial activities (e.g., administration of financial aid, loans, and other financial services).

Under the Safeguards Rule financial Institutions must develop, implement, and maintain a comprehensive information security program that consists of safeguards to handle customer information.

Proposed changes

The FTC is proposing five modifications to the Safeguards Rule. The new act will:

  • Provide more detailed guidance to impacted institutions regarding how to develop and implement specific aspects of an overall information security program.
  • Improve the accountability of an institution’s information security programs.
  • Exempt small business from certain requirements.
  • Expand the definition of “financial institutions” to include entities engaged in activities that the Federal Reserve Board determines to be incidental to financial activities.
  • Propose to include the definition of “financial institutions” and related examples in the rule itself rather than cross-reference them from a related FTC rule (Privacy of Consumer Financial Information Rule).

Potential impacts for your institution

The Federal Register, Volume 84, Number 65, published the notice of proposed changes that once approved by the FTC would add more prescriptive rules that could have significant impact on your institution. For example, these rules would require institutions to:

  1. Expand existing security programs with additional resources.
  2. Produce additional documentation.
  3. Create and implement additional policies and procedures.
  4. Offer various forms of training and education for security personnel.

The proposed rules could require institutions to increase their commitment in time and staffing, and may create hardships for institutions with limited or challenging resources.

Prepare now

While these changes are not final and the FTC is requesting public comment, here are some things you can do to prepare for these potential changes:

  • Evaluate whether your institution is compliant to the current Safeguards Rule.
  • Identify gaps between current status and proposed changes.
  • Perform a risk assessment.
  • Ensure there is an employee designated to lead the information security program.
  • Monitor the FTC site for final Safeguard Rules updates.

In the meantime, reach out to us if you would like to discuss the impact GLBA will have on your institution or if you would like assistance with any of the recommendations above. You can view a comprehensive list of potential changes here.

Source: Federal Trade Commission. Safeguards Rule. Federal Register, Vol. 84, No. 65. FTC.gov. April 4, 2019. https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/safeguards-rule

Article
Higher ed: GLBA is the new four-letter word, but it's not as bad as you think

In light of the recent cyberattacks in higher education across the US, more and more institutions are finding themselves no longer immune to these activities. Security by obscurity is no longer an effective approach—all  institutions are potential targets. Colleges and universities must take action to ensure processes and documentation are in place to prepare for and respond appropriately to a potential cybersecurity incident.

What are some examples of incidents that managers need to prepare for?

Examples range from external breaches and insider threats to instances of malfeasance or incompetence. Different types of incidents lead to the same types of results—yet you can’t have a broad view of incidents. Managers should work with their teams to create incident response plans that reflect the threats associated with higher education institutions. A handful of general incident response plans isn’t going to cut it.

Managers need to work with their teams to develop a specific incident response plan for each specific type of incident. Why? Well, think of it this way: Your response to a careless employee should be different from your response to a malicious employee, for a whole host of legal reasons. Incident response is not a cookie-cutter process. In fact, it is quite the opposite. This is one of the reasons I highly suggest security teams include staff members outside of IT. When you’re responding to incidents, you want people who can look at a problem or situation from an external perspective, not just a technical or operational perspective within IT. These team members can help answer questions such as, what does the world see when they look at our institution? What institutional information might be valuable to, or targeted by, malicious actors? You’ll get some valuable fresh perspectives.

How short or long should the typical incident response plan be?

I often see good incident response plans no more than three or four pages in length. However, it is important that incident response plans are task oriented, so that it is clear who does what next. And when people follow an incident response plan, they should physically or digitally check off each activity, then record each activity.

What system or software do you recommend for recording incidents and responses?

There are all types of help desk software you can use, including free and open source software. I recommend using help desk software with workflow capabilities, so your team can assign and track tasks.

Any other tips for developing incident response plans?

First, managers should work with, and solicit feedback from across the academic and administrative areas within the institution when developing incident response plans. If you create these documents in a vacuum, they will be useless.

Second, managers and their teams should take their time and develop the most “solid” incident response plans possible. Don’t rush the process. The effectiveness of your incident response plans will be critical in assessing your institution’s ability to survive a breach. Because of this, you should be measuring your response plans through periodic testing, like conducting tabletop exercises.

Third, keep your students and external stakeholders in mind when developing these plans. You want to make sure external communications are consistent, accurate, and within the legal requirements for your institution. The last thing you want is students and stakeholders receiving conflicting messages about the incident. 

Are there any decent incident response plans in the public domain that managers and their teams can adapt for their own purposes?

Yes. My default reference is the National Institute of Standards and Technology (NIST). NIST has many special publications that describe the incident response process, how to develop a solid plan, and how to test your plan.

Should institutions have dedicated incident response teams?

Definitely. Institutions should identify and staff teams using internal resources. Some institutions may want to consider hiring a reputable third party to act as an incident response team. The key with hiring a third party? Don’t wait until an incident occurs! If you wait, you’re going to panic, and make panic-based decisions. Be proactive and hire a third party on retainer.

That said, institutions should consider hiring a third party on an annual basis to review incident response plans and processes. Why? Because every institution can grow complacent, and complacency kills. A third party can help gauge the strengths and weaknesses of your internal incident response teams, and provide suggestions for general or specific training. A third party can also educate your institution about the latest and greatest cyber threats.

Should managers empower their teams to conduct internal “hackathons” in order to test incident response?

Sure! It’s good practice, and it can be a lot of fun for team members. There are a few caveats. First, don’t call it a hackathon. The word can elicit negative or concerned reactions. Call it “active testing” or “continuous improvement exercises.” These activities allow team members to think creatively, and are opportunities for them to boost their cybersecurity knowledge. Second, be prepared for pushback. Some managers worry if team members gain more cybersecurity skills, then they’ll eventually leave the institution for another, higher-paying job. I think you should be committed to the growth of your team members―it’ll only make your institution more secure.

What are some best practices managers should follow when reporting incidents to their leadership?

Keep the update quick, brief, and to the point. Leave all the technical jargon out, and keep everything in an institutional context. This way leadership can grasp the ramifications of the event and understand what matters. Be prepared to outline how you’re responding and what actions leadership can take to support the incident response team and protect the institution. In the last chapter, I mentioned what I call the General Colin Powell method of reporting, and I suggest using that method when informing leadership. Tell them what you know, what you don’t know, what you think, and what you recommend. Have answers, or at least a plan.

How much institution-wide communication should there be about incidents?

That’s a great question, but a tough one to answer. Transparency is good, but it can also unintentionally lead to further incidents. Do you really want to let your whole institution know about an exploitable weakness? Also, employees can spread information about incidents on social media, which can actually lead to the spread of misinformation. If you are in doubt about whether or not to inform the entire institution about an incident, refer to your Legal Department. In general, institution-wide communication should be direct: We’ve had an incident; these are the facts; this is what you are allowed to say on social media; and this is what you’re not allowed to say on social media.

Another great but tough question: When do you tell the public about an incident? For this type of communication, you’re going to need buy-in from various sources: senior leadership, Legal, HR, and your PR team or external PR partners. You have to make sure the public messaging is consistent. Otherwise, citizens and the media will try to poke holes in your official story. And that can lead to even more issues.

What are the key takeaways for higher education leaders?

Here are key takeaways to help higher education leaders prepare for and respond appropriately to cybersecurity incidents:

  1. Understand your institution’s current cybersecurity environment. 
    Questions to consider: Do you have Chief Information Security Officer (CISO) and/or a dedicated cybersecurity team at your institution? Have you conducted the appropriate audits and assessments to understand your institution’s vulnerabilities and risks?
  2. Ensure you are prepared for cybersecurity incidents. 
    Questions to consider: Do you have a cybersecurity plan with the appropriate response, communication, and recovery plans/processes? Are you practicing your plan by walking through tabletop exercises? Do you have incident response teams?

Higher education continues to face growing threats of cybersecurity attacks – and it’s no longer a matter of if, but when. Leaders can help mitigate the risk to their institutions by proactively planning with incident response plans, communication plans, and table-top exercises. If you need help creating an incident response plan or wish to speak to us regarding preparing for cybersecurity threats, please reach out to us.
 

Article
Cyberattacks in higher education—How prepared are you?

Cloud services are becoming more and more omnipresent, and rapidly changing how companies and organizations conduct their day-to-day business.

Many higher education institutions currently utilize cloud services for learning management systems (LMS) and student email systems. Yet there are some common misunderstandings and assumptions about cloud services, especially among higher education administrative leaders who may lack IT knowledge. The following information will provide these leaders with a better understanding of cloud services and how to develop a cloud services strategy.

What are cloud services?

Cloud services are internet-based technology services provided and/or hosted by offsite vendors. Cloud services can include a variety of applications, resources, and services, and are designed to be easily scalable, cost effective, and fully managed by the cloud services vendor.

What are the different types?

Cloud services are generally categorized by what they provide. Today, there are four primary types of cloud services:

Cloud Service Types 

Cloud services can be further categorized by how they are provided:

  1. Private cloud services are dedicated to only one client. Security and control is the biggest value for using a private cloud service.
  2. Public cloud services are shared across multiple clients. Cost effectiveness is the best value of public cloud services because resources are shared among a large number of clients.
  3. Hybrid cloud services are combinations of on-premise software and cloud services. The value of hybrid cloud services is the ability to adopt new cloud services (private or public) slowly while maintaining on-premise services that continue to provide value.

How do cloud services benefit higher education institutions?

Higher education administrative leaders should understand that cloud services provide multiple benefits.
Some examples:

Cloud-Services-for-Higher-Education


What possible problems do cloud services present to higher education institutions?

At the dawn of the cloud era, many of the problems were technical or operational in nature. As cloud services have become more sophisticated, the problems have become more security and business related. Today, higher education institutions have to tackle challenges such as cybersecurity/disaster recovery, data ownership, data governance, data compliance, and integration complexities.

While these problems and questions may be daunting, they can be overcome with strong leadership and best-practice policies, processes, and controls.

How can higher education administrative leaders develop a cloud services strategy?

You should work closely with IT leadership to complete this five-step planning checklist to develop a cloud services strategy: 

1. 

Identify new services to be added or consolidated; build a business case and identify the return on investment (ROI) for moving to the cloud, in order to answer:

• 

What cloud services does your institution already have?

• 

What cloud services does your institution already have?

• 

What services should you consider replacing with cloud services, and why?

• 

How are data decisions being made?

2. 

Identify design, technical, network, and security requirements (e.g., private or public; are there cloud services already in place that can be expanded upon, such as a private cloud service), in order to answer:

• 

Is your IT staff ready to migrate, manage, and support cloud services?

• 

Do your business processes align with using cloud services?

• 

Do cloud service-provided policies align with your institution’s security policies?

• 

Do you have the in-house expertise to integrate cloud services with existing on-premise services?

3. 

Decide where data will be stored; data governance (e.g., on-premise, off-premise data center, cloud), in order to answer:

• 

Who owns the data in the institution’s cloud, and where?

• 

Who is accountable for data decisions?

4. 

Integrate with current infrastructure; ensure cloud strategy easily allows scalability for expansion and additional services, in order to answer:

• 

What integration points will you have between on-premise and cloud applications or services, and can the institution easily implement, manage, and support them?

5. 

Identify business requirements — budget, timing, practices, policies, and controls required for cloud services and compliance, in order to answer:

• 

Will your business model need to change in order to support a different cost model for cloud services (i.e., less capital for equipment purchases every three to five years versus a steady monthly/yearly operating cost model for cloud services)?

• 

Does your institution understand the current state and federal compliance and privacy regulations as they relate to data?

• 

Do you have a contingency plan if its primary cloud services provider goes out of business?

• 

Do your contracts align with institutional, state, and federal guidelines?

Need assistance?

BerryDunn’s higher education team focuses on advising colleges and universities in improving services, reducing costs, and adding value. Our team is well qualified to assist in understanding the cloud “skyscape.” If your institution seeks to maximize the value of cloud services or develop a cloud services strategy, please contact me.

Article
Cloud services 101: An almanac for higher education leaders

Read this if you are a plan sponsor of employee benefit plans.

Employee Retention Credit (ERC)

There is still time to claim the Employee Retention Credit, if eligible. The due date for filing Form 941-X to claim the credit is generally three years from the date of the originally filed Form 941. 

The ERC is a refundable payroll tax credit for wages paid and health coverage provided by an employer whose operations were either fully or partially suspended due to COVID-related governmental orders or that experienced a significant reduction in gross receipts. 

The amount of the credit can be substantial. For 2020, the credit is 50% of the first $10,000 of qualified wages per employee for the qualifying period beginning as early as March 12, 2020, and ending December 31, 2020 (thus the max credit per employee is $5,000 in 2020). For 2021, the credit is 70% of the first $10,000 of qualified wages per employee, per qualifying quarter (thus the potential max credit is $21,000 per employee in 2021). 

For 2021, employers with 500 or fewer full-time employees in 2019 may include all wages and health plan expenses as qualified wages. For 2020, employers with 100 or fewer full-time employees in 2019 may include all wages and health plan expenses as qualified wages while employers with more than 100 full-time employees in 2019 may only claim the credit for qualified wages paid to employees who did not provide services. For purposes of determining full-time employees, an employer only needs to include those that work 30 hours a week or 130 hours a month in the calculation. Part-time employees working less than this would not be considered in the employee count.

There is additional interplay between claiming the ERC and the wages used for PPP loan forgiveness that will need to be considered. 

Student loan repayment programs

One of the benefits younger employees would like to receive from their employer is assistance with student loan repayments. A recent study indicated an employee would commit to working for an employer for at least five years if the employer assisted with student loan payments. Some employers have been providing such a benefit and, until 2020, any student loan payments made by the employer would have been considered taxable income. 

Beginning in 2020 and through 2025, at least for now, employers are permitted to provide tax-free student loan repayment benefits to employees. In order to receive tax-free payments, such a plan must be in writing and must be offered to a non-discriminatory group of employees. In addition, the tax-free benefit must be limited to $5,250 per calendar year. Now may be the time to consider offering student loan repayment benefits to help retain and attract employees.

Automatic enrollment for employee deferrals in 401(k)/403(b) plan

Most employers offer an employer-sponsored retirement plan such as a 401(k) plan or 403(b) plan to their employees. However, the federal government and several state governments are concerned that employees are either not saving enough for retirement and/or do not have access to an employer-sponsored retirement plan. Some states are mandating the establishment of an employer-sponsored retirement plan, or mandatory participation in a state-sponsored multiple employer plan (MEP). Other states are mandating that employers who do not sponsor a 401(k) or 403(b) plan provide automatic employee payroll deductions into a state-sponsored Individual Retirement Account (IRA) type vehicle sponsored by the state. If you do not already sponsor a 401(k) or 403(b) plan you should confirm if your state has any requirements.

For those employers who do sponsor a 401(k) or 403(b) plan, you should consider implementing an automatic enrollment provision if you have not done so already. Automatic enrollment requires a certain percentage of an employee’s wages to be withheld and deposited into the 401(k) or 403(b) plan each pay period, unless the employee elects otherwise. While the current law does not require an employer to use automatic enrollment, there is pending legislation that would require an automatic enrollment provision in any new retirement plan. Even though existing plans would be grandfathered under the pending legislation, it may be worth implementing an automatic enrollment provision in the 401(k) or 403(b) plan to help and encourage employees to save for retirement. 

If you have questions about any of these or other employee benefit topics, please contact our Employee Benefits Audit team. We're here to help.

Article
Employee benefit plan updates: The Employee Retention Credit and student loan repayment programs

Read this if you want to understand the new lease accounting standard.

What is ASC 842?

ASC 842, Leases, is the new lease accounting standard issued by the Financial Accounting Standards Board (FASB). This new standard supersedes ASC 840. For entities that have not yet adopted the guidance from ASC 842, it is effective for non-public companies and private not-for-profit entities for reporting periods beginning after December 15, 2021.

ASC 842 (sometimes referred to as Topic 842 or the new lease standard) contains guidance on the accounting and financial reporting for agreements meeting the standard’s definition of a lease. The goal of the new standard is to:

  • Streamline the accounting for leases under US GAAP and better align with International Accounting Standards lease standards 
  • Enhance transparency into liabilities resulting from leasing arrangements (particularly operating lease contracts)
  • Reduce off-balance-sheet activities

What is the definition of a lease under the new standard?

ASC 842 defines a lease as “A contract, or part of a contract, that conveys the right to control the use of identified property, plant, or equipment (an identified asset) for a period of time in exchange for consideration.” 

This definition outlines four primary characteristics to consider: 1) an identified asset, 2) the right to control the use of that asset, 3) a period of time, and 4) consideration.

(For a deeper dive into what constitutes a lease, you can download the BerryDunn lease accounting guide here.) 

How will this affect your organization?

  • Lease arrangements have to be classified as finance, operating, or short-term leases. In general accounting for the lease asset and liability is as follows:

    • For finance leases, use the effective interest method to amortize the liability, and amortize the asset on a straight-line basis over the lease term. Note that this has the effect of “front-loading” the expense into the early years of the lease.

    • For operating leases (e.g., equipment and some property leases), the lease asset and liability would be amortized to achieve a straight-line expense impact for each year of the lease term. ASC topic 842 establishes the right-of-use asset model, which shifts from the risk-and-reward approach to a control-based approach. 
  • Lessees will recognize a lease liability of the present value of the future minimum lease payments on the balance sheet and a corresponding right of use asset representing their right to use the leased asset over the lease term. 
  • The present value of the lease payments is required to be measured using the discount rate implicit in the lease if its readily determinable. More likely than not it will not be readily determinable, and you would use a discount rate that equals the lessee’s current borrowing rate (i.e., what it could borrow a comparable amount for, at a comparable term, using a comparable asset as collateral).
  • It will be critical to consider the effect of the new rules on your organization’s debt covenants. All things being equal, debt to equity ratios will increase as a result of adding lease liabilities to the balance sheet. Lenders and borrowers may need to consider whether to change required debt to equity ratios as they negotiate the terms of loan agreements.

Time to implement: What do you need to do next?

The starting place for implementation is ensuring you have a complete listing of all known lease contracts for real estate property, plant, and equipment. However, since leases can be in contracts that you would not expect to have leases, such as service contracts for storage space, long-term supply agreements, and delivery service contracts, you will also need to broaden your review to more than your organization’s current lease expense accounts. 


We recommend reviewing all expense accounts to look for recurring payments, because these often have the potential to have contracts that contain a lease. Once you have a list of recurring payments, review the contracts for these payments to identify leases. If the contract meets the elements of a lease—a contract, or part of a contract, that conveys the right to control the use of identified property, plant, or equipment (an identified asset) for a period of time in exchange for consideration—your organization has a lease that should be added to your listing.

Additionally, your organization is required to consider the materiality of leases for recognition of ASC 842. There are no explicit requirements (that, of course, would make things too easy!). One approach to developing a capitalization threshold for leases (e.g., the dollar amount that determines the proper financial reporting of the asset) is to use the lesser of the following: 

  • A capitalization threshold for PP&E, including ROU assets (i.e., the threshold takes into account the effect of leased assets determined in accordance with ASC 842) 
  • A recognition threshold for liabilities that considers the effect of lease liabilities determined in accordance with ASC 842

Under this approach, if a right-of-use asset is below the established capitalization threshold, it would immediately be recognized as an expense. 

It's important to keep in mind the overall disclosure objective of 842 "which is to enable users of financial statements to assess the amount, timing, and uncertainty of cash flows arising from leases". It's up to the organization to determine the level of details and emphasis needed on various disclosure requirements to satisfy the disclosure objective. With that objective in mind, significant judgment will be required to determine the level of disclosures necessary for an entity. However, simply put, the more extensive the organization's leasing activities, the more comprehensive the disclosures are expected to be. 

Don't wait, download our lease implementation organizer (Excel file) to get started today! 

Key takeaways and next steps:

  •  ASC 842 is effective for reporting periods beginning after December 15, 2021
  • Establish policies and procedures for lease accounting, including a materiality threshold for assessing leases
  • Develop a system to capture data related to lease terms, estimated lease payments, and other components of lease agreements that could affect the liability and asset being reported
  • Evaluate if bond covenants or debt limits need to be modified due to implementation of this standard
  • Determine if there are below market leases/gifts-in-kind of leased assets

If you have questions about finance or operating leases, or need help with the new standard, BerryDunn has numerous resources available below and please don’t hesitate to contact the lease accounting team. We’re here to help. 

Lease accounting resources 

Article
ASC 842 lease accounting—get started today before it's too late

Read this if you are working on a well-being program at your organization. 

When looking to develop or enhance well-being programs at work, many organizations don’t know where to start. A well-being survey is a smart first step to solidify your organization’s approach to supporting a thriving workforce. An effectively designed well-being survey will not only provide valuable insights to the needs of your workforce, it will also be repeatable so you can measure the success of your well-being efforts over time. Here are five tips to help you create a successful well-being survey.  

  1. Include questions about organizational culture. It is unlikely you will engage every single employee with well-being programs and benefits. Some people just like to do their own thing. However, organizational culture is something that influences everyone and is the ultimate source of empowerment for employee well-being. Including at least a couple of questions that assess how effectively your workplace culture promotes well-being will give you the broadest sense of whether you are on the right track with your well-being efforts. 
  2. Carefully consider wording. There is a big difference between the question “How well does our organization support your well-being?” and “How satisfied are you with our organization’s support for your well-being?” For instance, an organization may invest heavily in mental health, but that support may not be resonating with employees. The second question will provide clear insights into how well the organization’s well-being efforts are connecting with employee needs. 
  3. Have a strategy to promote engagement. Your survey response rate can be influenced by who sends the survey and who sends the survey reminder. While it may be logical for the survey to come from Human Resources, we suggest having the survey come from either the Chief Executive Officer or Chief Operations Officer (or equivalent). This signifies that your organization views well-being as a business strategy. Survey reminders tend to be most effective when sent from department managers. This reinforces the messaging about well-being being a business strategy and signifies commitment at all levels of leadership. 
  4. Include space for open comments. Multiple choice and basic ranking questions can help keep a survey direct and are easy to respond to. They also provide data that is easier to analyze and compare year over year. However, it’s not possible to anticipate every need with multiple choice questions, and some of the best suggestions and ideas, as well as some of the most constructive remarks, will come in the form of open commentary. 
  5. Keep it anonymous but collect some demographic data. An anonymous survey will not only result in more candid feedback, but it will also avoid inadvertently collecting personal health information that may be disclosed (particularly in open comments). Having optional questions to self-identify department, office, or work arrangement (hybrid, remote, in person) can help identify high-risk groups ('high risk' meaning those who have a low perception of their well-being and the organizational culture). Making these questions optional reduces the risk that an employee will abandon the survey due to fear of being identified based on demographic responses (e.g., an employee who is the only remote employee in their department). 

A well-designed well-being survey can serve as a launchpad for a transformational well-being initiative, especially if your organization is prepared to report and act on results. For more information on how your organization can create and deliver a well-being survey, or if you have other well-being program questions specific to your organization, please contact our Well-being consulting team. We’re here to help.

Article
Five tips for employee well-being surveys that work

Read this if you are a New Hampshire resident or do business across state lines.

On June 17, 2022, New Hampshire’s Governor, Chris Sununu, signed House Bill 1097 (HB1097) into law. This new legislation asserts that income earned and received by residents of the State of New Hampshire for services entirely performed within the state may not be subject to income taxation in any other state.

The signing of this bill was in response to the US Supreme Court declining to hear a case in which the state of New Hampshire sued the Commonwealth of Massachusetts. This case stemmed from the Commonwealth issuing temporary and early guidance as the pandemic forced New Hampshire workers who would normally commute to Massachusetts to work from home. The early guidance directed employers to maintain the status quo: Keep withholding income tax on your employees in the same manner that you were, even if the workers may not be physically coming into the Commonwealth.

Even though the Massachusetts Department of Revenue lifted the emergency telecommuting rules effective September 2021, New Hampshire lawmakers wanted to prevent any future personal income taxation of its residents who work remotely for a company in another state. For more context, read the July 2021 article from our state and local tax team about the dispute between Massachusetts and New Hampshire.

New Hampshire’s recently passed legislation was an example of its desire to protect its favorable business climate, defined in part by its lack of personal income tax, from the perceived overreach of its neighboring states. Although the telecommuting rules imposed by Massachusetts are no longer effective, House Bill 1097 was introduced to discourage any subsequent taxation of New Hampshire residents who are performing work solely in the Granite State.

This issue of interstate taxation is not unique to New Hampshire and Massachusetts, as dozens of other states have issued temporary regulations and requested guidance from the Supreme Court. As these issues rise in prominence, it will be important for both employee and employer taxpayers to review the guidance issued by each state to confirm the applicable tax treatment is proper.

If you have questions about how the tax law changes may affect you, please contact a member of our state and local tax team.

Article
New Hampshire says no to income taxation by neighboring states