Corporations have embraced cloud technology for everything from human resources to customer relationship management, yet the finance department isn’t jumping on board. What’s holding them back and how can they benefit from cloud-based financial systems?
Finance professionals aren’t risk-takers. We were taught to be conservative, professionally skeptical and to be good custodians of company assets. We are always planning for a rainy day and conservative by nature. As the senior leader responsible for handling risk and compliance for an entire company, a CFO is often cautious when it comes to adopting new types of technology—especially for the core accounting operations.
Many CFOs believe that moving financial systems to the cloud means forgoing security, data ownership, and weakening internal controls and audit trails. These beliefs span the full spectrum. Some financial professionals solely believe in sticking with their on-premise software, some who believe in hybrid solutions, while others want a completely cloud-based environment. By myth-busting cloud concerns and clarifying the benefits of different IT environments, this article should provide the information finance executives need to understand the potential benefits of cloud-based software.
Security in the Cloud
Security concerns tend to be the greatest source of anxiety when it comes to adoption of cloud technology.Security is a valid concern, but moving to cloud-based financial solutions doesn’t mean increasing risk. Most businesses already conduct sensitive transactions such as banking and highly sensitive payroll via the Internet—meaning they’re using the cloud.
Cloud vendors are aware of the importance of robust security and many have invested heavily in this area in order to offer the highest level of data protection and security. A cloud datacenter will employ more advanced security measures, redundant power sources and multiple back-up systems that are often too expensive for single companies to deploy on their own.
Vendors often set up cloud data centers in a number of different locations to minimize the risk of disruption of service.If there is an outage in one location, the service can be automatically transferred to a backup data center, often with minimal interruption in service. Additionally, there are specific technology standards by which the leading cloud players secure their data centers.
For finance executives who may have concerns about internal controls and audits, there are standards to help ensure that a cloud provider has taken the proper steps to keep financial data secure and compliant. These standards—namely the Statement on Standards for Attestation Engagements No. 16 (SSAE 16) in the U.S., and its international cousin, the International Standard on Assurance Engagements No. 3402 (ISAE 3402)—provide guidance to accounting firms who audit a cloud service provider’s operations. When performing an audit, accountants must also assess the effectiveness of a provider’s internal controls and other measures to safeguard financial data from tampering.
Upon completing an internal controls audit, the cloud provider’s auditor will issue a report attesting to the compliance with the above standards to its customers and other external stakeholders. For concerned CFOs, these security standards help provide extra assurance that financial data is safe or compliant in the cloud.