“Does ‘cloud computing’ present additional internal control issues beyond those encountered in traditional computing?” Unaware of what is meant by “cloud computing,” this writer, after some research on the subject matter, believes that the answer to this question is YES, “cloud computing” does present additional internal control issues beyond the internal controls encountered in traditional computing. This question is answered from the viewpoint of a client company that has transferred its data to a cloud. It seems that there will always be a need for internal controls; however, where those controls are located is dependent upon the type of network infrastructure a company uses. When compared to traditional computing, cloud computing seems to have the opposite effect on internal controls of the client company: there is actually a decrease or elimination of internal controls for the company.
Internal controls are processes designed by companies to ensure the security, accuracy, and completeness of its financial and accounting data. These processes are put in place by the company to ensure adherence to its policies and plans while also protecting its valuable data from unauthorized access. A majority of companies, whether or not they know it, have some form internal control system in place. One area in particular that will most likely entail having internal controls is a company’s information network as the security of the network is the primary objective. Without these controls in place, a company allows itself to become vulnerable to network intrusion and possible data manipulation.
Traditionally, a company will have dedicated servers and other hardware located somewhere within their organization that comprise the infrastructure of their information system. Since the data stored in the information system is most likely the most valuable asset of a company, information technology personnel are tasked with instituting internal security measures that ensure the safeguard of information from unauthorized access.
With the continuing transformation of the computing field, companies evaluate their needs from time to time and make necessary changes accordingly. Unlike traditional computing that can be very costly depending on a company’s IT needs, cloud computing “offers the promise of massive cost savings combined with increased IT agility” (NIST, 2011). According to Vehlow and Golkowsky (2011, 20), as companies transform their IT systems over to a cloud computing system they no longer can use their internal controls to monitor the system. This writer believes this to be true because when comparing companies that utilize cloud computing to those that use traditional computing methods, the companies engaged in the cloud no longer need the enforcement of security measures since the data is stored with a service...