• GJM Blog

    Important Industry News & Helpful Tips

Gilmore Jasion Mahler Announces Promotions and Personnel Changes

Gilmore Jasion Mahler is pleased to announce that continued growth has led to a number of promotions and further strengthening of the leadership team at Gilmore Jasion Mahler (GJM).

Greg Taylor, CPAGreg Taylor, CPA joined Gilmore Jasion Mahler in October as a partner. A member of the GJM Manufacturing Specialist Group, Greg brings to his role thirty years of experience in both public accounting and industry, having worked as a chief financial offer/vice president of finance for multiple businesses. 


Ken Saggese, CPAJ. Kenneth Saggese, CPA was promoted to partner in the assurance department after eleven years with the firm. A member of GJM’s Construction and Real Estate Specialist Team, Ken works with clients across the industry, with an expertise in affordable housing.  


Mike Brough, CPAMike Brough, CPA was also recently promoted from senior manager to partner in the assurance department. Mike works in a number of industries, including manufacturing & distribution, government, and nonprofit. Among his areas of expertise: employee benefit plans.


Other recent promotions at Gilmore Jasion Mahler include:

Healthcare Specialist Group members Matt Cavanagh and Jamie Dixon have been promoted to senior manager. Construction Specialist Group member Alex Spieker has been promoted to manager and Ben Lochbihler, also a member of the construction team, has been promoted to supervisor. A number of GJM associates have been promoted to senior associate, including Cole Bruner, Jennifer Bryant, Mackenzie Gross, Stacie Heitmeyer, Krista Huff, Hannah Nowak, Lucas Pennington, Sadie Purk and Jodi Rabquer.

The GJM administrative team has grown as well, with the addition of Amy McCurdy and Karen Mossing. They join administrative team members, many of whom have been in their roles for ten to twenty years, or longer.

”It’s exciting to see the changes at Gilmore Jasion Mahler,” says Managing Partner Kevin Gilmore. “I’m proud of the accomplishments of our staff, and pleased to have Greg Taylor join our already strong leadership team. We’ve put together a team of the best public accounting professionals in the area to serve our clients.”

Established in 1996, Gilmore Jasion Mahler, LTD is the largest public accounting firm in the region, with offices in Maumee and Findlay. Locally owned, GJM offers comprehensive financial services including assurance, business advisory, tax, risk advisory and healthcare management. GJM’s professionals specialize in industries including construction & real estate, healthcare, manufacturing & distribution and utilities.

Spreading Holiday Cheer

holiday party craft makingSpecial gifts from Santa, a nice hot meal, bowling, crafts, shopping for gifts.

Plenty of smiles as dozens of area children joined their big brothers and big sisters as well as their families for the annual Big Brothers Big Sisters of Northwestern Ohio holiday party. This year's event was held Monday, December 4 at Miracle Lanes on Jackman Road in Toledo. The children enjoyed bowling this year and had fun making gift cards and ornaments. They also earned tickets to go shopping for gifts for their family members, which is always one of their favorite activities at the event. Gilmore Jasion Mahler hosts the party every year, with employees volunteering as gift wrappers, crafters and servers, among other roles. Law firm Eastman & Smith also contributes to the event with volunteers and financial support. GJM also helped out once again this year at the Children's Mentoring Connection holiday party in Findlay. Thank you to all who made this year's events such a great success!


Social Media for Accounting Firms. What are You Waiting For?

social media iconsShortly after I came on board as marketing manager for public accounting firm Gilmore Jasion Mahler, I told leadership I wanted to create a Facebook page for the firm, ramp up our content on LinkedIn and bring back to life a dormant Twitter account.

Two and a half years later, I would suggest that many here at the firm can’t remember what it was like to not have a strong social media presence. Yes, it has taken some adjusting, but there is no doubt in my mind that if you’re an accounting firm serving clients and looking to grow your business, you need to have a social media presence. If you’re thinking you’re too late to the game and there’s no point in jumping into social media so far behind your competition, I say we all need to start somewhere. So what if your competition has an established social media presence? You will too.

Here’s some of what I’ve observed since Gilmore Jasion Mahler embraced social media:

  1. Our people are connecting with each other in a new way. They enjoy seeing and sharing our social content.
  2. We’re able to publicly recognize the professional and personal accomplishments of our people.
  3. Recruits and potential recruits are able to find us, “check us out” and get a feel for what it might be like to work at our firm. Some who have come on board tell us they used our Facebook page to get a better feel for the workplace prior to their interview process.
  4. We’re able to share pictures and information from our many community service efforts.
  5. We have a new way of communicating important information to clients and prospects.
  6. Our social media activity helps drive traffic to our website.
  7. We’re able to use social media to showcase our clients.
  8. Social media is now a powerful tool to promote our major fundraiser for a local nonprofit. GJM’s Carnevale 2017 raised over $123,000 for Flag City Honor Flight. We know that strong social media engagement pushed up our ticket sales and donations, and raised awareness about this year’s benefit event.

GJM Facebook pageWhat we have essentially created is a new online community for our firm, people, clients, prospects, potential employees and others. We’ve also created new channels for thought leadership, showcasing the expertise of our professionals.


Who should manage your social media? Social media falls under the marketing team at our firm. If your marketing leader or team members already have a full plate, consider enlisting one of your young staffers. He or she is probably already a social media rock star. Marketing can oversee the content/have administrative rights (the ability to remove or edit any posts on the page). Giving the responsibility to one of your staffers could have other benefits as well, including helping that employee stay engaged and become a firm champion.

Which Social Media Platforms?GJM Twitter

I’ve heard it said, and I agree, that it doesn’t make much sense to create a social media presence if you wind up with a dormant page with no activity. With so many social media platforms to choose from, I would recommend that you choose the two or three that seem most appropriate for your firm and concentrate your efforts there. We’ve settled on Facebook, Twitter, LinkedIn and YouTube at Gilmore Jasion Mahler. If you’re not sure where to start, perhaps your young staffer can pull together a small committee and come up with some social media recommendations for your firm.

Bottom line, in this “marketing lady’s” opinion, social media presence says a great deal about your firm. When a new client or potential recruit searches for you to connect on Facebook, wouldn’t you rather that they find you and join your online community? The alternative: not being found is simply a missed opportunity.

Ask yourself, what do you want to communicate about your firm and where is the audience you’re trying to reach? In 2017 there can be no doubt that the answer is online.

Established in 1996, Gilmore Jasion Mahler, LTD (GJM) is the largest public accounting firm in Northwest Ohio, with offices in Maumee and Findlay. Locally owned, GJM offers cloud-based accounting services and provides comprehensive financial services including assurance, business advisory, tax, risk advisory and healthcare management. The Firm’s professionals specialize in industries including construction & real estate, healthcare, manufacturing & distribution and utilities.

Susan Ross Wells is the marketing manager for Gilmore Jasion Mahler. With the firm for two and a half years, her professional background includes healthcare marketing, public relations and broadcast journalism.

Get to Know New GJM IT Audit Associate Matt Eckelberry

picture of new employee Matt EckelberryDescribe your role at GJM. I will be performing cybersecurity maturity assessments, design assessments of the IT environment, and audits/reviews of financial statements.

When did you start employment with GJM? My first day was on 9/11/2017.

Why did you choose the accounting industry? I chose the accounting/IT industry because of the potential value that we can bring to the people we work with.

What do you like best about accounting? I enjoy meeting new people, learning their story, while also learning about various industries and how the company operates.

Are you from the Toledo area originally? If not, where are you from? I am from a small village called Republic, which is East of Tiffin, and South of Fremont.

Where did you go to college? BGSU – Ay Ziggy!

Do you have any pets, hobbies, family? I have a 1.5 year old Australian Shepherd and Sheltie mix named Cooper.

How do you like to spend your free time? I am usually hanging out with friends, watching sports, and or playing video games.

Are you involved in any community organizations, do any volunteer work? Currently I am on a sub-committee of the Institute of Internal Auditors.

What is something people may be surprised to find out about you? I was in FFA and 4-H and I would show hogs during the Seneca County fair.

Learn more about GJM's capabilities in IT security assessment, consulting and implementation.

Just Read It! - Managing Service Provider Risk through SOC Reports

clipboard reportOutsource - verb - obtain (goods or a service) from an outside or foreign supplier, especially in place of an internal source.

For years the word outsource struck fear in the hearts of the American workforce. Worried their jobs were heading overseas, people at all levels dug deep to prove their worth in hopes of not being the next victim. The world has changed and so has how a company thinks about outsourcing. Many organizations have taken a hard look internally and recognized that they don’t have to do everything themselves. Forward-thinking organizations are maximizing their internal resources by focusing on the company’s most important initiatives and activities while handing off those that a third party can do better. Software as a Service (SaaS), Infrastructure as a Service (IaaS), or a specialist who provides that focus on one particular service or product are en vogue. The sheer volume of service providers and their capabilities has radically changed. 20 years ago, few would have expected an online retailer like Amazon to be a service provider. We have entered a new world of outsourcing – one defined by changing ambitions, new priorities, and a different set of challenges. 

Third Parties

Reliance on third parties is increasing in every industry, as organizations can gain greater efficiency, effectiveness and cost savings by shifting non-core functions to more experienced providers. As outsourcing grows in popularity and provider options rapidly increase, regulatory oversight is also expanding to monitor the sensitive data and processes that third parties are managing. What must be remembered is that while processes can be outsourced, their inherent risks cannot. Consequently, companies must pay closer attention to how they manage third parties, as they handle sensitive information more often and as regulatory enforcement increases to protect that data.

Internal Controls

When defining your system of internal control, you must consider the additional risks and controls that are handled by the service provider. Your end to end business process will include activities and controls that you as the company execute, and controls that your service provider executes. It is critical to work in concert to minimize the overall risk to your organization. It is also imperative that you gain a level of assurance that the controls at the service provider are designed in a way that address the risk and are placed in operation throughout the fiscal year.


The most typical way to gain this assurance is through a SSAE 18 SOC 1 or SOC 2 report.  SSAE 18 is the Statement on Standards for Attestation Engagements revision 18 in which the American Institute of Certified Public Accountants (AICPA) attempts to address concerns over the clarity, length, and complexity of its standards. The good news is the updated standard drives further commonalty amongst reports and raises the bar to meet the ever increasing standards set by regulators. Your expectation should be that your service provider will conduct such an assessment on an annual basis and provide you access to the final report.

There are two types of reports that are most commonly useful in this exercise:

SOC 1 a report on controls at a service organization that may be relevant to a user entities’ internal control over financial reporting.

SOC 2 a report based on the existing SysTrust and WebTrust principles. The purpose of a SOC 2 report is to evaluate an organization’s information systems relevant to security, availability, processing, integrity, confidentiality or privacy.

You must decide what type of report is best for you. If financial controls are most important, then it’s a SOC 1. If technical controls, then it’s a SOC 2.

You do not manage third party risk with a “check the box” approach. It is not enough to receive a report and file it away. You would not assess your own control environment in such a way. This is the most important lesson that many organizations need to learn. If you are relying on a SOC report as part of your Sarbanes-Oxley efforts, the evaluation of the report needs to be thoroughly documented to demonstrate the effectiveness of the review to your auditors.

Report in Hand: Now What?

Step 1:  Read the report!

  • Sounds simple enough, but too often this does not happen
  • Does the report have a clean opinion?
  • Does it cover the specific services and locations you are concerned about?
  • Did a reputable audit firm issue the report?
  • Does the report include testing the operating effectiveness of controls for a specific period of time (Type 2 report) or does the report only cover a specific point in time (Type 1)?

Step 2:  Map the controls and key reports to your control environment

  • Does the report provide coverage of what you view to be the key controls and supporting reports in the process?
  • Are there exceptions and how do they impact the overall control objective?
  • Do you come to the same conclusions?
  • Does the scope include a subservice organization? If so, do you need additional comfort over their control environment? Often the answer is yes.

Step 3:  Review the complimentary user entity controls

  • For SOC 1 and SOC 2 reports, there are controls that you are responsible to perform to ensure the overall control objective or criteria within the report is achieved
  • Include the identification and testing of such controls in your overall evaluation

While third parties can increase productivity and provide financial benefits, you retain responsibility for their inherent risks. Implementing a robust process to manage third party risk, including an effective review of service provider issued attestation reports, is mission critical. This is your control environment, so own it.

Matt Hoverman, CISA contributed this blog. Matt is a Director with Gilmore Jasion Mahler, LTD and leads the Firm’s IT consulting practice. He has spent his career helping businesses assess their IT risk level and creating a plan to maximize their technology investments.


Established in 1996, Gilmore Jasion Mahler, LTD (GJM) is the largest public accounting firm in Northwest Ohio, with offices in Maumee and Findlay. Locally owned, GJM offers comprehensive services including assurance, business advisory, tax, risk advisory and healthcare management. The Firm’s professionals specialize in industries including construction & real estate, healthcare, manufacturing & distribution and utilities. Follow us on LinkedIn, Twitter and Facebook.