Cloud Computing Opportunities & Challenges

Similar documents
Microsoft Services. Transform your digital security strategy to 04mitigate business risk

Today s CFO: Changing the game plan for tomorrow

Welcome to the postmodern era for public sector ERP

Navigating the New Health Economy

Trusted by more than 150 CSPs worldwide.

Mid-market technology trends: Leveraging disruption to drive value The Dbriefs Private Companies series Anthony Stephan, Principal, Deloitte

Internal audit strategic planning Making internal audit s vision a reality during a period of rapid transformation

A Changing Profession for a Changing Market: Evolving services, skills and talent to meet business demands

How Will Your Bank Thrive?

Certified Identity Governance Expert (CIGE) Overview & Curriculum

Turn Your Business Vision into Reality with Microsoft Dynamics SL

The Future of Sourcing Begins Now

The Business Capability Model from status quo to innovation! L. Gary Boomer, CPA, CITP, CGMA Visionary & Strategist

Perspective: TCS Supply Chain Center of Excellence An Update

DIGITAL STRATEGY SUMMARY

The Firm of the Future How Technology Will Impact and Enable Effective Firm Management. Sponsored By:

Mind the Gap: GDPR Ahead. Rakesh Sancheti. Author. July Vice President and Business Head - Analytics, Europe and Nordic

Building a Roadmap to Robust Identity and Access Management

Risk Advisory Services Developing your organisation s governance for competitive advantage

What is GDPR and Should You Care?

Extended Enterprise Risk Management

2017 North American Physical Security Intelligence Solutions Company of the Year Award

PTC FlexPLM 11 offers Next Generation Retail Product Lifecycle Management (PLM) capabilities through connectivity and enhanced usability that are

IT Strategic Plan Portland Community College 2017 Office of the CIO

RPA - Robotic Process Automation

Digital Transformation - What s Happening in Waste and Recycling Tech, Software, Cloud, Data, Mobile & Analytics?

MONITORING YOUR EMPLOYEES SOCIAL MEDIA ACTIVITY

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

Secure information access is critical & more complex than ever

The Robots Are Rising

Reimagining IT: Leading technology organizations into the future The Dbriefs Technology Executives series

The direct approach Finding new value with direct procurement

NSW DIGITAL GOVERNMENT STRATEGY. digital nsw DRIVING WHOLE OF GOVERNMENT DIGITAL TRANSFORMATION DESIGNING IN OUR NSW DIGITAL FUTURE

DLT AnalyticsStack. Powering big data, analytics and data science strategies for government agencies

DEMYSTIFYING WORKFLOW

Microsoft Dynamics 365 and Columbus

Enhancing Audit Committee Excellences through Internal Audit. 21 November 2017

Kseniia Jones Senior Manager Global Risk Advisory Deloitte UK

Global Manufacturing Industry Landscape

Contents: Choosing a. cloud-based. phone system provider. Getting it right first time.

Risk Management For and By the BOT. Secured BOT Series

Fulfilling CDM Phase II with Identity Governance and Provisioning

BENEFITS OF AN EFFECTIVE OUTSOURCING STRATEGY. March 1, 2017

Experience the commitment. CGI Exploration2Revenue TM Business Suite. Optimize your upstream back office

Driving Profitable Growth CORPORATE OVERVIEW

Your Workday Operating Model The Build Versus Buy Decision

Office of Information Technology IT Plan:

Avangate SkyCommerce Suite

Enterprise Content Management and Business Process Management

USTGlobal. DIGITAL BANKING TRENDS AND INNOVATIONS A UST Global POV

FORTUNE FAVORS THE BRAVE EMPOWERING THE BACK OFFICE INSIGHT REPORT

The future of procurement in the age of digital supply networks The DBriefs Driving Enterprise Value series

Prepare for GDPR today with Microsoft 365

Beyond EDI Unlocking new value with transactions enabled by SAP Ariba and the Ariba Network

TECHNOLOGY VISION FOR SALESFORCE

Buyers Guide to ERP Business Management Software

Turn Your Business Vision into Reality with Microsoft Dynamics GP

The Technology-Driven of. Project Management. Capitalizing on the Potential Changes and Opportunities

Blockchain Unleashed: Petrochemical Industry Impact

The Path to Creating and Sustaining Value. The Scorecard. for Selecting, Managing & Leveraging your Services Team:

THE POWER OF ADVISORY SERVICES

Analytics: Laying the Foundation for Supply Chain Digital Transformation

The 2017 Retail Technology Report: An Analysis of Trends, Buying Behaviors and Future Opportunities

CLAconnect.com/creditunions. Impact the Future of Credit Unions

Office of Information Technology (OIT) Strategic Plan FY

Application Outsourcing

Deloitte Accelerated Value: SaaS innovation for the digital core. Extending the potential of core systems, addressing tomorrow s needs

Fujitsu Value Proposition for Manufacturing Industry. Enabling Digital with Connected Enterprise

IDC FutureScape: Worldwide Financial Services 2017 Predictions

H 2 N H. Supply chain management in the chemicals industry Key challenges and how Deloitte can support

Future-Proof Procurement - A Digital Journey

Image Itron Total Outcomes

Capgemini s PoV on Industry 4.0 and its business implications for Siemens

Enable Business Transformation In Banking & Financial Services Organizations through Connected Devices. Arvind Radhakrishnen.

Globalization of HR and How Digital Transformation can Help. In partnership with: HR.Payroll.Benefits.

On the board s agenda US Winning with digital: What boards need to know about digital transformation

Securing Capabilities in the Cloud: Security and Privacy in the Evolution of Cloud Computing

Transforming the office of the CFO

3 STEPS TO MAKE YOUR SHARED SERVICE ORGANIZATION A DIGITAL POWERHOUSE

GROW ENROLLMENT USING PROVEN STRATEGIES

Enterprise. Service. Transformation. Deloitte driving your digital service excellence with ServiceNow

EXECUTIVE BRIEF Executive Summary HOW TO BALANCE PERSONALIZATION AND PRIVACY FOR OUTSTANDING CUSTOMER EXPERIENCES

Turn Your Business Vision into Reality with Microsoft Dynamics NAV

Future Readiness of GIC Talent Models

Partnering with the business to create a successful self-service analytics framework

A BPM Partners ebook. Performance Management: The Next Generation. The Official Guide

Centralizing Your Energy Supply Spend

Business Risk Intelligence

Charge Up Collaboration with Clients and Prospects: How Technology Can Help You Break New Ground

Unlocking the Value of the Adobe + Microsoft Partnership All Rights Reserved.

Digital HR: Driving organizations to be digital, not just do digital

Digital crisis or redemption - The uncomfortable truth

Service Business Plan

Government Services BUSINESS PLAN ACCOUNTABILITY STATEMENT THE MINISTRY

The Transformative Journey to M4.0: Challenges and Opportunities

Why Businesses Love Payables Lockbox

BMC point of view. Cognitive Service Management. Enabling the Future of Service

Trends Shaping the Bank of the Future

CIP 2017 Project Outline

Transcription:

Cloud Computing Opportunities & Challenges AICPA & CPA/SEA Interchange State Regulatory & Legislative Affairs Emerging Technologies July 11, 2017 Presented by Donny C. Shimamoto, CPA.CITP, CGMA 1 Unless otherwise noted, the content of this presentation is 2017 IntrapriseTechKnowlogies LLC. The contents of this presentation may be reused in accord with the Creative Commons Attribution- NonCommercial 4.0 International License. Donny C. Shimamoto, CPA/CITP, CGMA Donny is the managing director of IntrapriseTechKnowlogies LLC, an advisory-focused CPA firm specializing in organizational development and business process outsourcing for small businesses, middle market organizations, and nonprofits. Donny is a recognized thought leader and educator in the Accounting Technology, IT Risk Management, and Performance Management fields; his dedication to helping accountants and organizations leverage strategic technologies while proactively managing their business and technical risk is paramount. Donny also serves as an outsourced IT & Innovation Partner and advisor for local & regional firms and internal audit departments who lack in-house IT leadership and IT audit expertise; He helps with IT risk assessments and IT advisory services, development of the firm s innovation strategy, streamlining of internal firm operations, and increasing staff proficiency with IT tools supporting client engagements and service delivery. Donny is a past chairman of the AICPA s Information Management and Technology Assurance Executive Committee, and former member of its Governing Council, Assurance Services Executive Committee, and numerous other AICPA committees and task forces. Donny was recognized as one of the Top Thought Leaders in Public Accounting by CPA Practice Advisor from 2012 to 2017, Top 100 Most Influential People in Accounting (2013 & 2014) by Accounting Today, received the 2009-2010 President s Award from the Hawaii Society of CPAs, was named to CPA Technology Advisor s 40 Under 40 list in 2007 & 2009 & 2014, and was also a Hawaii Top High Tech Leader in 2004. 1

Cloud Computing: Opportunities & Challenges The time for Change is NOW Is your firm ready for exponential change? Developing An Innovation Strategy for Firm Sustainability Understanding the Challenge of Cybersecurity Confidentiality vs Privacy vs Information Security Cyber-enabled Transformation is a Journey 4 Video source: Change 2, Digital transformation: are you ready for exponential change? Futurist Gerd Leonhard, TFAStudios (https://youtu.be/ystdf6jn7hc) 2

Is your firm ready for exponential change? Left column adapted from Leonhart s Change 2, 2016; Right column: 2017 IntrapriseTechKnowlogies LLC Good enough is dead. Is your firm good enough? 5 Change is being fueled by Digitization Automation & Augmentation Mobilization Disintermediation Are you driving change? Or being driven by it? Has your firm Gone paperless? Leveraged audit data analytics? Automated confirmations? Leveraged tax automation? Leveraged tax outsourcing? Leveraged mobile/cloud? Ensured that it will be relevant in the near future? Is your firm ready for exponential change? Left column adapted from Leonhart s Change 2, 2016; Right column: 2017 IntrapriseTechKnowlogies LLC 6 The future is Holistic business models Opportunity to be liquid Learn just in time Not just in case Not single improvements, but complete transformations Not individual systems, but new ecosystems Has your firm Moved beyond commodity audit, tax, and bookkeeping services? Ensured that it has the agility to adapt as innovations in accounting technology emerge? Adopted the future of learning, and moved from CPE to competency development? Developed a short- and longterm innovation strategy? Taken a holistic look at itself? 3

Is your firm ready for exponential change? Left column adapted from Leonhart s Change 2, 2016; Right column: 2017 IntrapriseTechKnowlogies LLC Big Data Comes from the Internet of Things (IoT) [and easier data collection and access] Drives artificial intelligence (AI) and deep learning [by machines] All this enables Robotics [which enables increased automation and augmentation] Big Data, IoT, and AI will transform accounting and finance: Replace estimates with actuals e.g. deprecation, cost allocations) Use non-financial metrics for Enterprise risk indicators Real-time forecasting Correlate non-financial and financial data for audits Continuous monitoring and continuous auditing 7 Is your firm ready for exponential change? Left column adapted from Leonhart s Change 2, 2016; Right column: 2017 IntrapriseTechKnowlogies LLC What can t be digitized will become extremely valuable Focus on things that can t be automated Machines are good at simulating, but not at being Human-only traits: Creativity & Imagination Emotion Intuition Ethics Have you (re)designed your service offerings to leverage the CPA Core Competencies? Communications skills Leadership skills Critical thinking and problem-solving skills Anticipating and meeting needs Synthesizing intelligence to insight Integration and collaboration 8 4

Is your firm ready for exponential change? Left column adapted from Leonhart s Change2, 2016; Right column: 2017 IntrapriseTechKnowlogies LLC 9 Technology represents the HOW of change Humans represent the WHY Go beyond technology and data to reach human insights and wisdom We engage, relate and buy things because of The experience they provide Their transformational power Have you considered the WHY of your firm? See Simon Sinek s TED Talk: Start with Why Have you figured out WHY clients should work or continue to work with you? How is their experience with you different from other firms? How are you transforming their organizations and impacting their success? Developing An Innovation Strategy for Firm Sustainability Transforming a firm s operations to leverage cloud innovations requires a strategic and holistic approach. This transformation often requires that firms revisit the way they ve always done things and careful attention to standards and compliance requirements. 10 5

Creating a Sustainable Firm Adapted from: CIMA s Sustainable Value Chain of Organizational Competencies A shift is required in the Sustainable Value Chain of firm competencies Operations driven Mission, business strategy, and constituent needs Brand, values and organization positioning Develop service offerings and value/benefit proposition Obtain customers and source resources Mission/strategy driven impact Deliver services and measure impact Constituent satisfaction and retention 11 Historically firms could be very operationally driven. As the need for differentiation and impact increases, firm must be more strategic to be sustainable and achieve their mission Innovation Strategy Drivers for Accounting Firms 2013, 2016, 2017 IntrapriseTechKnowlogies LLC Business Drivers Economic Uncertainty Increased Oversight Client Price Pressure Partner & Staff Needs Technology Drivers Cloud Computing Mobile & Apps Big Data AI & Robotics Innovation Strategy Workflow & Process Efficiencies Staff Enablement & Work-Life Integration Evolution of Service Offerings Local to Global Opportunities Practice Enhancement Strategies 6

Developing Your Innovation Strategy 2013 IntrapriseTechKnowlogies LLC Impact of the Innovation Strategy to the Firm s Major Service Areas and Practice Management Audit Tax Client Accounting Practice Management Efficiencies Effectiveness Innovation Efficiencies Collaboration Profitability Growth Efficiencies Transformation Revenue Growth Efficiencies Effectiveness Collaboration Key Outcomes: Automated & efficient processes Improved execution/profitability Improved work processes Increased employee satisfaction Better workflow and project management Reduced risk Higher quality of service Increased client satisfaction / impact Case Study: Houston CPA Society Challenges Traditional on-premise infrastructure 2017 IntrapriseTechKnowlogies LLC. All Rights Reserved. 14 Some cloud (Office 365) but usage not optimized Core applications (imis and MS Dynamics GP) several versions behind Self-hosted web site Greater visibility and potential hacker exposure Greater PCI DSS (credit card) compliance requirements and risk Primarily on-premise services Difficult to serve members in remote areas of the region Harder to engage committee members who only call into meetings Policies, procedures, and staff training not up-to-date Outdated security policy and no information security program Society staff has not been provided training on technology available 7

Case Study: Houston CPA Society - Opportunities Transition to a cloud infrastructure 2017 IntrapriseTechKnowlogies LLC. All Rights Reserved. 15 Upgrade Office 365 plan to get access to more robust security features for e-mail, laptops, and mobile devices Move core applications (AMS and GL) to either hosted or cloud apps Move to cloud-based web site and member portal Reduce potential hacker exposure and outsource security Reduce PCI DSS (credit card) compliance risk Revisit service delivery to leverage cloud tools Redesign and revitalize web site and member portal to broaden information distribution and increase member engagement Leverage Office 365 to serve members in remote areas of the region Update information security and staff training programs Understanding the Challenge of Cybersecurity Whether on-premise or in the cloud, cybersecurity presents challenges that have wide reaching impacts throughout organizations. These challenges must be addressed by management, operations, and IT to effective in mitigating cybersecurity risks 16 8

Why Cybersecurity is Challenging Why is ensuring cybersecurity a challenge? Adapted from IT Considerations in Risk-Based Financial Statement Audits, AICPA, 2013 Unlike the certification of financial statements there is no universally accepted principle or standard for information security The concept of compliance to best practice Changes in technologies and IT platforms is at times too rapid for best practices to fully develop or be recognized as such Rapidly evolving threat landscape and increasing sophistication of attacks/attackers Lack of education and awareness of IT staff and end users 17 AICPA Cybersecurity Reporting Framework (April 2017) Provides principles & criteria for evaluating extent and effectiveness of an entity s cybersecurity risk management efforts Source: http://www.aicpa.org/press/pressreleases/2017/pages/aicpa-unveils-cybersecurity-risk-management-reporting-framework.aspx Why Cybersecurity is Challenging 2011, 2017 IntrapriseTechKnowlogies LLC Traditional IT depts and service providers don t address IT governance IT risk management Especially in small and mid-sizes orgs IT Strategy Business Strategy IT Governance Compliance 18 IT Projects The IT Department IT Infrastructure IT Risk Management 9

Confidentiality vs. Privacy vs. Information Security When people say they re worried about cybersecurity, they usually mean they re worried about the confidentiality and privacy of their data. Information security has two additional aspects: availability and integrity, that must be addressed in addition to confidentiality and privacy. 19 Confidential vs Private Data 2016 IntrapriseTechKnowlogies LLC Confidential data is generally considered to be sensitive (not for public consumption) but not necessarily private With confidential data, the objectives usually are to: Limit access to those who are authorized to view the data Protect the data from accidental or purposeful unauthorized access by internal or external parties Private data: Is personally identifiable (i.e., can be linked to an individual person) Usually has regulatory or compliance requirements that force organizations to ensure that the data is not disclosed except in certain allowed circumstances Examples of compliance requirements requiring privacy: State identity theft laws Payment Card Industry Data Security Standard (PCI DSS) for credit card data HIPAA for health care-related data 20 10

Privacy Compliance Requirements The handling of private data is often governed by the state or country of residence of the affected individual(s), not where your organization is headquartered or has offices Fines, notice, and remediation requirements are also normally established by the location of affected individual s residence(s) You may also be subject to additional entity-level requirements based on the state(s) in which you operate There may also be entity-specific fines and remediation requirements driven by the state(s) in which you operate 2016, 2017 IntrapriseTechKnowlogies LLC Privacy compliance can quickly become complex, especially if customers are resident in multiple jurisdictions 21 The Information Security (InfoSec) Triangle 2016 IntrapriseTechKnowlogies LLC Information Security Seeks to ensure that an organization s data and access to its information systems is well managed Helps prevent accidental or purposeful breaches from occurring, both from within and from outside a organization Ensures that if breaches do occur, they are detected and addressed quickly Confidentiality is only one aspect of the Infosec triangle: 22 Image Source: ISACA 11

Information Security, Confidentiality, and Privacy are Complementary 2016 IntrapriseTechKnowlogies LLC Information security Also addresses availability and (data) integrity Information Security Confidentiality May have some areas not covered by information security (e.g., paper files) Confidentiality Privacy Has many other areas that are not covered by information security or confidentiality (see next slide) Privacy 23 Generally Accepted Privacy Principles (GAPP) 2016 IntrapriseTechKnowlogies LLC 1. Management 2. Notice 3. Choice and Consent 4. Collection 5. Use and Retention More info is available at: http://aicpa.org/privacy 6. Access 7. Disclosure to Third Parties 8. Security for Privacy 9. Quality 10. Monitoring and Enforcement 24 Color key: Blue = Information Security Green = Confidentiality 12

Generally Accepted Privacy Principles 1. Management: The entity defines, documents, and communicates, and assigns accountability for its privacy policies and procedures. 2. Notice: The entity provides notice about its privacy policies and procedures and identifies the purposes for which personal information is collected, used, retained, and disclosed. 3. Choice and Consent: The entity describes the choices available to the individual and obtains implicit or explicit consent with respect to the collection, use, and disclosure of personal information. 4. Collection: The entity collects personal information only for the purposes identified in the notice. 5. Use and Retention: The entity limits the use of personal information to the purposes identified in the notice and for which the individual has provided implicit or explicit consent. The entity retains personal information for only as long as necessary to fulfill the state purposes. Generally Accepted Privacy Principles 6. Access: The entity provides individuals with access to their personal information for review and update. 7. Disclosure: The entity discloses personal information to third parties only for the purposes identified in the notice and with the implicit or explicit consent of the individual. 8. Security: The entity protects personal information against unauthorized access (both physical and logical). 9. Quality: The entity maintains accurate, complete, and relevant personal information for the purposes identified in the notice. 10.Monitoring and Enforcement: The entity monitors compliance with its privacy policies and procedures and has procedures to address privacy-related complaints and disputes. 13

Cloud-enabled Transformation is the start of your journey With peace of mind that you have a secure and resilient foundation, you can focus more on the future. Let us help you look at how you can: Become more innovative and get the most value from your IT. Leverage IT to transform your business practices, improve performance, and ensure your future success. 27 Cyber-enabled Transformation is a journey 2017 IntrapriseTechKnowlogies LLC Start with WHY; How will you transcend the technology, to transform your organization and create meaningful experiences for your customers/clients? Manage cybersecurity risk Innovate and drive IT Value Compliance & Operations Information Security Program Vulnerability Testing IT Governance & Risk Management IT Strategy Alignment IT General Controls Effectiveness IT Performance Improvement Robust Vendor Management Program IT Value Management Enterprise Budgeting & Forecasting Project Management Office (PMO) Run-Optimize- Innovate (R-O-I) Management Innovation & Transformation Enterprise Performance Management Enterprise Risk Management Business Solutions Needs Analysis & Vendor Selection Organizational Development 28 IT Department Management Leadership & Competitive Advantage 14

Thank you for your attention and participation! Any Questions? Donny C. Shimamoto, CPA/CITP, CGMA IntrapriseTechKnowlogies LLC email: donny@intraprise.us voice: (866) 737-9991 x7200 twitter: @donnyitk 15

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback