Cloud Accounting: Preparing Chartered Accountants for the Future

“Advancement in Digital technology across geographies and industries has made cloud computing infrastructure and applications as one of the fastest growing categories in IT expenditure. Cloud computing creates multiple possibilities for each and every organisation irrespective of its size and is a great productivity enabling tool which can create foundation for a flexible innovation infrastructure. In last few years, cloud computing has become a mature and reliable technology providing access to core business applications, analytics and collaboration tools” –CA. Prafulla P. Chhajed, Former President, ICAI.

“Cloud computing is today’s leading driver of emerging technological landscape and organisations are making it an integral part of their digital initiatives. Analytics and machine learning capabilities that are housed in the cloud are also frequently offered alongside thereby leading to exponential growth in adoption of cloud. Accountants can play a crucial role in developing intelligent platform independent and cloud-based systems which are interrelated in ecosystems and tailored to the requirement of individual entity/ organisation” –CA. Atul Kumar Gupta, Former Vice President, ICAI.

The Institute of Chartered Accountants in India (ICAI) has constituted “Digital Accounting and Assurance Board” (DAAB) for fostering a cohesive global strategy on aspects related to digital accounting and assurance, through sharing of knowledge and practices amongst the members. DAAB is endeavouring to identify, deliberate and highlight on issues in accounting (including valuation) and assurance (including internal audit) issues in the digital world.

The National Institute of Standards and Technology (NIST) defines cloud computing as: “Cloud computing is a model for enabling ubiquitous, convenient, on-demand, network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management efforts or service provider interaction.”

In simpler terms, cloud is a set of resources, such as, processors and memory, which are put in a big pool. As per the requirement, cloud assigns resources to the client, who then connects them over the network. Further, clouds are multi-tenant by nature, i.e., multiple different consumers share the same pool of resources but are isolated and segregated from each other.

Following are essential characteristics of Cloud Computing as defined by NIST –

• Resource Pooling is the most fundamental characteristic of cloud computing. The provider abstracts resources and collects them into a pool, portions of which can be allocated to different consumers.
• Cloud provides usage on-demand self-service, i.e., consumers manage their resources themselves, without having to talk to a human administrator.
• All resources on cloud are available over a network hence there is no direct physical access.
• Rapid elasticity allows consumers to expand or contract the resources they use from the pool thereby enabling them to match resource consumption with demand.
• Measured service meters to ensure that consumers only use what they are allotted, and, if necessary, to charge them for it.

Cloud Security consists of following three components –

• Infrastructure Security – It is the foundation for operating securely in the cloud and encompasses the lowest layers of security, from physical facilities through the consumer’s configuration and implementation of infrastructure components. In a nutshell, it covers fundamental components that everything in the cloud is built from, including computer (workload), networking and storage security.
• Application Security – It encompasses an incredibly complex and large body of knowledge, everything from early design and threat modelling to maintaining and defending applications. Cloud computing mostly brings security benefits to applications, but as with most areas of cloud technology, it does require commensurate changes to existing practices, processes, and technologies that were not designed to operate in the cloud.
• Data Security and Encryption – Data security is key enforcement tool for information and data governance. Data security controls tend to fall into three buckets – controlling what data goes into the cloud; protecting and managing the data in the cloud; enforcing information lifecycle management security.

Cloud computing opens a new, wide area of opportunities for accountancy professionals, which includes following:-

1. Making cost benefit analysis for clients as to whether to deploy cloud computing or in-house computing
2. Consultation for the implementation of cloud computing facilities including migration to this technology from existing ones
3. Training to the user staff as regards the operating of these facilities
4. Direct and indirect taxation consultancy to cloud service providers, including international taxation consultancy
5. Management consultancy and assistance to management in the process of conversion from traditional computing system to cloud based and training employees regarding the operation of system under the cloud based system. The assistance can also be provided to the type of cloud computing environment the organization should adopt and selecting the suitable service model to increase ROI and also to system audit of these facilities.

The consulting areas for Chartered Accountants in cloud environment includes Cloud Vendor Evaluation, Cloud Contract Negotiation, Cloud Implementation Advisor in Organization and Providing Advisory role in control implementation.

Assurance in cloud computing can be provided by measuring and checking cloud service providers’ ability to securely deliver cloud services in accordance with industry cloud best practices, standards and regulatory compliance. This helps customers know which cloud provider delivers the best cloud assurance score and history, a measure of cloud trust they can depend on. A strategic and logical cloud assurance framework enables safe and secure adoption of Cloud Computing. It can provide senior management and business leaders with the confidence that cloud assurance has been undertaken.

Besides the generic approach to minimizing risk to the organization through a careful review of the contract, supporting appendices and service level agreements (SLAs), it is recommended that the auditor supplements the review by first identifying the type of cloud that is being contracted.

Cloud computing governance is a general term for applying specific policies or principles to the use of cloud computing services. The goal is to secure the applications and data when they are located locally. Cloud computing governance is a view of IT governance focused on accountability, defining decision rights and balancing benefit or value, risk, and resources in an environment embracing cloud computing. Cloud computing governance creates business driven policies and principles that establish the appropriate degree of investments and control around the lifecycle process for cloud computing services.

Cloud Computing offers certain challenges to Chartered Accountants. They are:

• Confidentiality– Since confidentiality plays a major role in protecting organizational or individual data, information security protocols should be implemented at various different layers of cloud applications. There is always a possibility that the data stored in the cloud may mingle with other user’s data. Data can also be compromised unintentionally due to data remanence. It is the residual representation of the data that remains even after efforts are made to erase the data. Confidentiality can also be compromised due to non-trustworthy cloud service providers (CSP).
• Integrity – After storing data to the cloud, user depends on the cloud to provide more reliable services to them and hopes that their data and applications are in secured manner. But that hope may fail sometimes if the user’s data may be altered or deleted. Sometimes, the cloud service providers may be dishonest and they may discard the data, which has not been accessed or rarely accessed to save the storage space or keep fewer replicas when promised.
• Availability – With the advent of cloud services there is a considerable shift of these resources into the cloud. While cloud computing presents some cost effective benefits for the consumers and businesses, it is also extremely important for the cloud service providers to offer environments that are highly scalable and high in availability. This will in many ways dictate the credibility of these cloud services.
• Data Privacy – Cloud computing presents some serious challenges to data privacy of the chartered accountants. In fact, many cloud-based social media rely on their leverage on an individual’s private information to make profits. Therefore, it is highly probable for these companies to have clashes with their customers regarding their privacy policies.
• Data Ownership -A number of cloud services tend to acquire user data and store it. The user will not be able to retrieve this data after he provided it and, hence, needs a detail evaluation. For instance, CAs audit data and customer personal information does not permit other services to access all the user data. In this particular case, personal data such as, the numbers, email address of the customer or regulators cannot be retrieved by third party services through any other software.
• Backup Challenges – Perhaps one of the biggest concerns that organizations have about cloud backup and disaster recovery is that of security. A well-executed data protection plan backs up all the information that an organization might need to restore to ensure that the business can continue operating.

Cloud computing has become a great solution for providing a flexible, on-demand, and dynamically scalable computing infrastructure for many applications. Cloud computing also presents a significant technology trend, and it is already obvious that it is reshaping information technology processes and the IT marketplace. For cloud computing to reach the full potential promised by the technology, it must offer solid information security.

Cloud Computing can provide an opportunity to professional accountants to automate their process and deliver client services in an efficient, error-free and faster way. ICAEW’s document “The Future of the Profession” states that new ways of doing business, shaped by technology and shifting regulatory environments, mean accountants in business and practice are facing tough challenges and exciting opportunities. Further, it mentions skills required of accountants in the future are tech-savvy thinkers, strong communicators, flexible thinkers, strategic thinkers and good networkers.

Support our journalism by subscribing to Taxscan premium. Follow us on Telegram for quick updates

Want to explore further? Check out our related book here: