In the auditing and compliance world, the buzzwords right now are IFRS and SSAE. IFRS stands for Internaltional Financial Reporting Standard and SSAE stands for Statement on Standards for Attestation Engagement. They both gear towards standardizing the laws which is necessary looking at the current nature of Business. In my opinion, Globalization and Outsourcing are two major catalysts for standardization.
In the Technology world servers/infrastructure will soon become obselete. A lot of companies has already started using SaaS (Software as a service) and PaaS (Platform as a service) along with SOA (Service Oriented Architecture). The world of cloud computing is next in line. Now the question arises what does these all mean for compliance? Saas had a simple solution for compliance – SLAs (Service Level Agreements). But with cloud computing its totally a different story.
Let me start by giving a brief background on cloud computing –
According to Wikipedia, Cloud computing refers to the use of Internet (“cloud”) based computer technology for a variety of services. In layman’s terms, it means you don’t have your own processing / storage / both and use a provider like Amazon or Google for it. There are mainly four different categories where an enterprise can use cloud computing
- Storage and
- Raw Computing.
Cloud computing has its own benefits and risks. Benefits inlcude lower capital expenses, innovation, scalability and performance. Compliance is the biggest risk because you have servers anywhere in the world that will either process/store your information and give back the results. And it is so dynamic in nature that it is not processed/stored at one single location. Anywho, the benefits are ten fold using this technology and I am sure we will come up with a solution. In short, cloud compliance is going to be the next big thing.