1.Chapter one: General Framework
1.1 Introduction and Background
The cloud computing represents one of the challenges, which faces both accountants and auditors since some organizations have changed to adopt cloud computing. The cloud computing has been dramatically increased in the last few years. It also represents a new type of business economic patterns at the global level, in the information age, and advanced modern technology in this time where borders disappear and entr'acte geography, and changed the concept of the determinants of capital. With cloud computing has become imperative for the economic units that seek to strengthen its competitive position to adapt the electronic environment, by changing its accounting system radically or gradually and focusing on the so-called electronic accounting. After the emerge of new technologies in the business world as an extension of the electronic environment and development as one of the most important challenges in front of the new accounting and auditing. The modern revolution in Information Technology (IT) has become the backbone of cloud computing. With the development of E-Business (EB) activities, it becomes the perfect computer and communications networks to run, based on its strong dependence on computer systems, holds a huge threat to the control ineffective. Inappropriate use may result in disastrous consequences, and the existence of computer viruses and hackers, computer crimes, and so have led to the risk of cloud computing information distortion.
The traditional accounting information system is limited by many factors including the inadequate preparation of hardware facilities, lack of professional, high initial investment costs, complex maintenance process, which restricts the development process accounting information of some companies and greatly weakens the enterprise’s competitiveness. In recent years, cloud accounting has received high attention for its low-cost, high-efficiency mode of accounting information technology in the industry. Cloud accounting is virtualized accounting information system providing accounting services for the enterprise based on the Internet. Its conception can be explained from two aspects. For cloud accounting supplier, cloud accounting is an accounting information system by cloud computing technology, and suppliers need to provide hardware and software facilities and the construction of accounting information systems. For businesses, cloud accounting is based on the Internet, so if you want to use online accounting information system, you need to pay for it. Construction of cloud accounting is currently a hot issue in the industry and academic, and it has an absolute advantage in terms of cost, efficiency, reliability, etc. ( Zhang Cancan,2014).
Cloud operating model is currently a hot topic in the world of cloud accounting. Accounting cloud, which "Online Accounting," They say like bookkeeping works users are installed on your computer, except that the soft cloud accounting software on the servers' provider online services ", is applicable to any number of users and companies and organizations can use their web browser, on internet access it. This means that you as a user company or organization, each time an Internet connection are able to access their company's finances from anywhere and any device you're using. Accounting firms and organizations through cloud users online accounting software applications, "presented Software services "in the cloud have access, in fact, the use of accounting software in a similar model (Software As a Service) provider of online services to buy. They for software, hardware or network not pay, but computing power and software services needed to purchase (Webopedia. com, 2013). With this interpretation, if accounting professionals to conclude cloud computing, outsourcing in the old drink new bottles and many have gone astray. Cloud-like business process outsourcing, such as the purchase of one or more than one offer outsourcing service organization. A key difference in what the buyer is usually a process of outsourcing work is defined as the average salary in what is cloud computing infrastructure and services purchased fan some or all of the information that may be done not rely on it. Basically the information technology infrastructure in all areas of business including accounting firms under effects. It seems logical that here the necessity of using cloud computing in accounting too.
Small businesses are the biggest beneficiaries of online cloud accounting and there are numerous ways in which moving to the cloud can be of value. Working in the cloud will give you the opportunity to reduce the amount of time you spend on difficult working, time-consuming tasks, allowing you to concentrate on what you do best: growing your business. You can also be confident that you will have greater access to real-time data for your business ‘ no matter where you are ‘ as business information is accessible any time, any place, on any device that has internet access (much like internet banking).
Information, knowledge and increase the emergence of big data is undoubtedly key for growth and success for businesses (Srikumar, 2013). The emergence of cloud computing and its growing impact on business, in general, is gaining traction around the world. Mortar companies such as Google and Salesforce.com reflect the model of cloud computing through sharing web infrastructure in terms of data storage, scalability, and computation (Kambil, 2009). In many ways, the role complements the invaluable role of ICT that has been increasingly emerging with a growing impact since the early 1980s, which then took a major boost with the proliferation of the Internet and the World Wide Web a decade later. According to Abeer Gamal, who works for one of the leading business associations in Egypt dealing mainly with SMEs: ‘ICT is the driver of the organization and especially SMEs; it keeps us competitive compared to our peers.’ On a more macro scale and at the global front, according to Gartner research, the cloud computing global market reached 150 billion US dollars in 2013 (Gartner, 2013). Moreover, according to a Boston Consulting Group study (2013) ‘technology adopter firms have increased their annual revenues 15% faster than firms with lower levels of technology adoption.’ In other words, cloud computing is a model for enabling on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned with minimal management effort (NIST, 2011).
Larger companies adopt cloud computing and they understand the potential and know how to utilize it to its full effect.
However, Benefits for the company:
1. Real-time to the project team, management and the audit committee with respect to control design and implementation.
2. Allow management to respond more timely to project and control issues.
3. Feedback relative to the use of more effective and cost-efficient automated application controls.
4. Identify risks which could jeopardize project timeliness or objectives.
5. Provides feedback to management and the audit committee on other matters which may come to our attention.
Benefits for the Audit:
1. In-depth understanding of the impacts of internal control over financial reporting.
1. Early identification of potential audit and control related issues and reduces the chances of surprise.
2. Identification automated controls helping to improve control testing effectiveness and efficiency.
3. Information about the integrity of underlying financial data.
4. Updated audit documentation relative changes in IT, new process and new controls to help facilitate effective audit planning, walk-through and control testing (KPMG,2012 ).
There are four different cloud deployment models including public, community, private and hybrid cloud environments. For example, SaaS usually operates within the public model whereas it is available to everyone with an Internet connection such as salesforce.com serving business-to-business (B2B) companies. Salesforce.com focuses on managing customer details and running sales campaigns; a typical customer relationship management (CRM) platform will be defined later (Sherif Kamel, Mariam Abouseif, 2015).
In Egypt, Cloud computing is the methodology that helps organizations to provide the maximum amount of IT efficiency and makes it possible to store, manage and analyze information in the world with its steady growth. It reflects a new consumption, supplement, and delivery model for IT services. It offers the computing processing power, storage, network bandwidth, software usage, software development, testing, security, identity as services over the Internet. The Ministry of Communications and Information Technology (MCIT) addresses Cloud Computing, Data Centers, Integrated Solutions, and Web 2.0 as top priorities in the international ICT agenda.
Towards this end, many agreements have been signed with foreign authorities in Germany, Malaysia, and Singapore for the purpose of sharing their expertise in terms of preparing Egyptian calibers to join this new industry.
Cloud computing offers tremendous cost-effectiveness by providing a ‘pay per use’ model and ensures professional management of the infrastructure. It is fair to say that this model is bound to change the fa”ade of IT usage across the world in the immediate near future.
It is expanding and becoming a popular solution among businesses worldwide when it presented efficient and optimistic results Increased revenues, expanding businesses, and new job creation, not limited to the information technology sector, are all possible through the extensive use of cloud computing (MCIT.com,2016).
National Telecom Regulatory Authority (NTRA) Communications addresses the four telecommunications companies in preparation to launch fourth-generation licenses, according to statements made by; the Minister of Communications and Information Technology Yasser judge The minister said that "before the end of the month of May 2016 will be the completion of the licenses to begin offering, the device has already called for the three companies (Vodafone, Orange and Telecom Egypt) to buy licenses". Fourth-generation will allow users to deal with the Internet at high speeds, for example, will be able to deal with cloud computing.
1.2 Characteristics of cloud computing
Cloud computing services have characteristics which distinguish them from other technologies:
As a rule, cloud computing users do not own the IT resources they use, the servers they exploit being hosted in external data centers.
Services are provided via the pay ‘ per- use model or subscription model.
The resources and services provided to the client are often virtual and shared among several users.
The services are provided via the internet.
With these characteristics, cloud computing technology is a new solution giving users the option to access software and IT resources with the desired flexibility and modularity and at very competitive prices (Maaref, S.,2012).
1.3 Description of the main cloud computing services
Cloud computing comprises five types of services:
Infrastructure as a Service (IaaS ): Virtualized on-demand server, virtualized data center, flexible on-demand storage space, flexible local networks (LANs ), firewalls, security services, etc.
Platform as a service (PaaS ): platform for cloud computing services provision ( customer service management, billing, etc.)
Software as a Service (SaaS ): business applications, customer relations, and support (CRM), HR, finance (ERP ), online payments, electronic marketplace ( for very small and small and medium-sized enterprises), etc.
communication as a Service ( CaaS ): audio/ video communication services, collaborative services, unified communications, e-m ail, instant messaging, data sharing (web conference ).
A network as a Service (NAAS ): managed internet (guaranteed speed, availability, etc.), virtualized network (VPNs) coupled with cloud computing services, flexible and on-demand bandwidth (Maaref, S.,2012).
1.4 Legal framework of cloud computing
Governance in cloud computing mode
Comparison between the cloud computing and conventional "hosted applications" modes.
Comparison between the cloud computing and "licensed software" modes.
Interoperability and reversibility in cloud computing (Maaref,S. ,2012).
1.5 Research problem and Questions
The main problem can be represented as follows: What is the impact of cloud computing on the external auditors work? This can be summarized in the following points:
What is the methodology used by the external auditor towards the cloud computing to ensure the quality of the process?
What are the requirements needed by the external auditor in Egypt to face new risks associated with practice of cloud computing?
Is the external auditor in Egypt able to audit financial statements data's for cloud computing process, and face its challenges in light of his current skills?
1.6 Research Objectives
The major reason and main objective behind choosing this topic is to define the role and responsibility of the external auditor towards the cloud computing. Identify the requirements and characteristics of cloud computing, Describe the approaches of E-Auditing that dealing with information systems. It led us to know the obstacles that stand in the face of cloud computing in Egypt.
Sub-Objectives:
How transactions are recorded on cloud computing?
The major risk facing cloud computing Accounting and Auditing.
Are external auditors in Egypt qualified and well trained to do this type of audit?
1.7 Research Hypotheses
The empirical study will be conducted through a self-developed questionnaire distributed among the external auditors (CPA Firms, Bank, and university stuff). The survey will be conducted based on a quantitative perspective. This study aimed to examine the role and responsibility of the external auditor towards the cloud computing activity. In order to assess the validity of the hypotheses in this research, the researcher has a different set of hypotheses to be used, as follows:
"H" _"�1" There is a relationship between cloud computing activity and current skills, knowledge and qualification of Egyptian auditors in Egypt.
"H" _"�2" There are impacts of cloud computing on the audit report.
"H" _"�3" There are impacts of cloud computing on the risks of the audit process in Egypt.
"H" _"�4" Cloud computing requires sufficient qualifications for auditors in the use of new technological tools used in the field of accounting.
1.8 Research Methodology
1.8.1 Theoretical study
This research will focus on two corners; the first corner for accounting and how the transactions are recorded in approved documents. The second corner will focus on studying the role and responsibility of the external auditors and its impact of cloud computing on the external auditor's work. The third corner is studying cloud computing, in general, to understand how it operates. Therefore, the aims of the theoretical study are:
Identify the requirements and characteristics of cloud computing.
To explore whether the external auditors are able to make an audit planning, audit process, and audit report.
Identify the impacts of cloud computing on the risks of the audit process in Egypt.
1.8.2 Empirical Study
The Empirical study will start where the theoretical part left off, it will be conducted through self-developed questionnaire among the companies. It tackled the factors that were recognized through the theoretical section. The survey will be conducted based on a quantitative perspective. The factors will test to realize the level on which the role and responsibility of the external auditors are influenced by these factors. The study objective is to examine if the different factors have a direct effect on the level of responsibility of the external auditor. The different factors' effects will analyze using SPSS program using statistical techniques such as multiple regression and means analysis.
The samples will focus on accountants working in cloud computing, external auditors within the auditing firms in Egypt and companies working with cloud computing.
1.9 Research Structure
The thesis structure is divided into five main chapters as follows:
The first chapter is the General framework introduction.
The second chapter discusses the role of accountants their problems, evidence, major risk facing accountants and tax.
The third chapter discusses the auditors' background, role, responsibilities and challenges.
The fourth chapter discusses the cloud computing Background, Types, Security and Risks.
The fifth chapter discusses the empirical study's finding, results and
conclusion of the whole thesis paper.
1.10 Literature Review
1) Bisong, A., & Rahman, M. (2011). An overview of the security concerns in enterprise cloud computing:
Objectives: In this paper, they have discussed security risks and concerns in cloud computing and enlightened steps that an enterprise can take to reduce security risks and protect their resources. The authors have also explained cloud computing strengths/benefits, weaknesses, and applicable areas in information risk management. This paper discussed the cloud computing security concerns and the security risk associated with enterprise cloud computing including its threats, risk and vulnerability.
Findings: Cloud computing is a combination of several key technologies that have evolved and matured over the years. Cloud computing has a potential for cost savings to the enterprises but the security risk is also enormous.
Enterprise looking into cloud computing technology as a way to cut down on cost and increase profitability should seriously analyze the security risk of cloud computing.
The strength of cloud computing in information risk management is the ability to manage risk more effectively from a centralized point. Security updates and new patches can be applied more effectively thereby allowing business continuity in an event of a security hole. Cloud computing weakness include the list of issues such as the security and privacy of business data being hosted in remote 3rd party data centers, being lock-in to a platform, reliability/performance concerns, and the fears of making the wrong decision before the industry begins to mature.
Enterprise should verify and understand cloud security, carefully analyze the security issues involved and plan for ways to resolve it before implementing the technology. Pilot projects should be setup and good governance should be put in place to effectively deal with security issues and concerns. Authors believe the move into the cloud computing should be planned and it should be gradual over a period of time.
Comments: This paper discussed the overview of security concerns in enterprise cloud computing while they did not explore the risk that will face the auditors and external cloud computing.
2) P.Krubhala and K.SaravanaKumar (2013), Dynamic auditing and accounting mechanism for policy based data access in cloud:
Objectives: Cloud computing is advancement in the field of information technology. The terminology cloud computing can be illustrated as the pay-as-you-use model in which this framework includes collection task where they are assigned to the clients who need it. Without the features of the internet, it's impossible to provide a cloud environment. Lots of gains can be achieved through the cloud such as scalability, availability, flexible, lots of storage space, low cost and so on.
Although it embraces these benefits the major venture of cloud technology is that security and confidential of data stored and shared within or between the third party environment. In order to overcome this problem, the audit ability scheme can be endowed where this methodology supports to check the integrity of the data being stored and allows for the user data privacy. Further, the authors' work also proposes the accounting mechanism for metering the resource usages where the system encloses user data along with their policies. The result of accounting mechanism is the generation of the log record.
Finding: The assurance cloud security is achieved by imposing both the auditing and accounting features. These are the major two features considered to solve the security-related issues in the cloud. Finally, they achieved the monitoring process in the cloud environment by proposing an efficient accounting mechanism which generates the log record as the result of the accounting function. In addition to that, it increases the level of security by allowing the data owners to specify their service level agreements which are the contract between the service providers and users to maintain their data secure. To improve the level of security the proposed work also allows verifying the integrity of the cloud storage. This can be achieved on the basis of allowing a third party auditor to audit the data and also it supports for the batch auditing and dynamic modification of the data in the cloud.
Comments: The authors propose the accounting mechanism for metering the resource usages where the system encloses user data along with their policies. The result of accounting mechanism is the generation of the log record while this thesis continues to record sufficient evidence documents to be audited.
3) Trivedi, H. (2013). Cloud Adoption Model for Governments and Large Enterprises: Submitted to the Mit Sloan School of management in partial fulfillment of the requirement for the degree of Master of Science in management studies at the Massachusetts institute of technology:
Objectives: it's summarized in How should the government, public sector or a large enterprise go about adopting cloud? Is there a particular path to be followed? Are certain steps necessary to cloud adoption process? Do certain characteristics define organizations in the process of cloud adoption? Should certain competencies be developed for a successful move to the cloud? How do different organizations at different stages of cloud adoption look different from each other? Are there any examples to refer to? The objective of this thesis is to answer these questions by studying in depth large enterprises and governments which are either thinking of moving to the cloud or have taken steps to adopting cloud, identify any emerging patterns, explore drivers of cloud computing, and craft a model for cloud computing adoption.
Finding: Cloud is known as different things to different audiences but agencies such as NIST have cleared the mist to some degree. As organizations across the public sector and private sectors understand what cloud means for them, they are looking to act and deploy cloud solutions. Some organizations, studied as part of this thesis, have made significant progress in their journey to cloud and others are just about starting. These organizations offer tenable insights into what makes for a successful cloud program and the required competencies. Certain themes such as application rationalization and modernization, standardization, centralized governance (IT Monarchy / Business Monarchy or IT Monarchy / Federal Combinations), and change management have revealed themselves as common threads. The journeys specifically have been marked by proof of concepts, technology selection, infrastructure service, and platform service as milestones. The organizations at different stages of cloud adoption exhibit different characteristics and possess distinct competencies, and organizations should not bite more than they can chew, lest their programs fall flat. Furthermore, what might constitute a success for one organization might turn out to be a not so successful initiative for another organization as evidenced by virtual desktop. Last but not the least, cloud programs require competencies that organizations have tried to master for many decades now but what makes them different in the context of cloud are the scale i.e., cloud programs touch every piece of hardware, development platform, and enterprise software application in an organization and will potentially run for at least a decade for a large organization.
Comments and areas of further study: The thesis has attempted to explore in detail cloud adoption examples from a wide cross-section of organizations, raise questions and answer them. But many key questions still remain and these can be further areas of study. The Cloud Adoption Model discussed in this study is based on private cloud deployments. Increasingly organizations are looking at hybrid deployment models comprising private and public clouds. Further study can be done to understand cloud adoption in a hybrid scenario. The model equates the context of governments and large enterprises. The generalization has enabled the formulation of a model but ignored any specific procurement and adoption patterns. The model can be studied further to identify differences between adoption for governments and large enterprises. All of the organizations studied are in the process of adopting cloud. It shall be worthwhile to investigate those organizations where cloud program was executed but the results were not as per expectations. This shall test the tenets of the proposed adoption model and also suggest modifications. Cloud by its nature converts ostensible vertical silos into horizontal discs expected to perform different functions. Will such a horizontal, based on common standards, of verticals enable flexibility or impede it in the future when businesses change? As organizations leap into the future by executing cloud programs, they are also rooted in the past through a landscape of legacy applications, many of them business critical. Cloud programs offer the opportunity to rationalize and modernize those applications but to what extent should organizations returned legacy applications? How can organizations optimally manage their legacy and cloud platforms? Last but not the least; is it likely in any scenario for an organization to move back from cloud platform to a non-cloud platform? What could be the reasons behind such a move and how will it impact the platform strategy of future?
4)Brender, N., and Markov, I. (2013). Risk perception and risk management in cloud computing: Results from a case study of Swiss companies:
Objectives: In today's economic turmoil, the pay-per-use pricing model of cloud computing, its flexibility and scalability and the potential for better security and availability levels are alluring to both SMEs and large enterprises. However, cloud computing is fraught with security risks which need to be carefully evaluated before any engagement in this area. This article elaborates on the most important risks inherent to the cloud such as information security, regulatory compliance, data location, investigative support and provider lock-in and disaster recovery. The researchers focus on risk and control analysis in relation to a sample of Swiss companies with regard to their prospective adoption of public cloud services. The researchers observe a sufficient degree of risk awareness with a focus on those risks that are relevant to the IT function to be migrated to the cloud. Moreover, the recommendations as to the adoption of cloud services depend on the company's size with larger and more technologically advanced companies being better prepared for the cloud. As an exploratory first step, the results of this study would allow to design and implement broader research into cloud computing risk management in Switzerland.
Finding: Cloud computing presents some important risks which should be assessed by any enterprise considering engagement in this area. The main contribution consists of an empirical study of a sample of Swiss companies which aimed at analyzing the understanding of the risks that public cloud services present and how they can be managed. Even though the sample size is very limited, Authors can see sufficient awareness of both the risks and the management solutions. The authors of the reports have consulted the large volume of literature pertaining to cloud computing risks with some of the reports referring to the Swiss regulatory context as well. There is also a degree of originality in the reports as they have considered the risks in the specific context of the concerned companies and according to their needs and capabilities.
As authors could see, the detail and focus of the reports correspond to the particularity of the IT function to be migrated to the cloud. Therefore the reports were not just mere recounts of existing literature but show business awareness and planning capabilities. As far as the final recommendations of whether to go on the cloud are concerned, authors found that they depend on the company’s size, technological expertise, and corporate culture but not on the criticality of the process or sensitivity of the data to be migrated. The flexibility and cost-efficiency of the cloud should be more attractive to Small and Medium-sized enterprises (SMEs) as compared to large companies. On the other hand, there may still be a certain level of mistrust in SMEs regarding the cloud as they lack sufficient expertise and risk management skills. Indeed, the reports suggest that large companies are better prepared for the adoption of cloud services. Nevertheless, as this paper has shown, understanding, assessment, and mitigation of the risks are vital when it comes to cloud computing. Once these steps have been properly addressed, where necessary with the help of external advice, the cloud may not look like such a dangerous place even for SMEs.
Comments: they stress again on the limited nature of the study whose purpose was to serve as an introductory exploration of the risk analysis with regard to prospective adoption of cloud services. These findings cannot be extrapolated to all Swiss companies also this thesis will be applied on Egyptian companies and CPAs firms, but allow to devise a stricter and more rigorous methodology for further studies based on interviews, questionnaires or quantitative surveys.
5) Zhang, C. (2014).Challenges and Strategies of Promoting Cloud Accounting:
Objectives: Cloud accounting, as a new mode of accounting information model, plays an important role in enterprise accounting informationization process. Compared with the traditional accounting informationization system, cloud accounting boasts the advantage of low investment cost, low maintenance costs, low barriers to entry, while as the continuous development of cloud accounting, relevant problems raise one from another such as poor security, unique services. To solve these problems in order to promote the popularization and application of cloud accounting in enterprise requires the joint efforts of enterprises, suppliers and government.
Finding: cloud accounting as a new accounting online accounting service has its unique advantages, but it also faces many challenges in the application process. Cloud accounting suppliers should consider how to improve the security, functionality and public recognition of cloud accounting services, contributing to sound and healthy development of cloud accounting services, and allowing more companies to accept and adopt cloud accounting services. With the gradual improvement of accounting services cloud model, the large enterprises, multinational organizations will adopt this model to make cloud accounting develop and popularize faster in future so as to facilitate the process of accounting information technology.
6) Abd Al-kaderkalaf,O., and Ayyed.,E. (2015).IT Auditing to Assure a Secure Cloud Computing for Enterprise Applications
Objectives: Following are summarized objectives of the study :
To present and study the detailed framework of the cloud computing for enterprise applications.
To design and implement the large database based enterprise application for the cloud computing environment.
To implement the IT auditing mechanism for the security purpose.
Finding: In this research project, they are discussing over the cloud computing paradigm evolvement for the large business applications like CRM as well as introducing the new framework for the secure cloud computing using the method of IT auditing. In this case, the approach is basically directed towards the establishment of the cloud computing framework for the customer relationship management (CRM) applications with the use of checklists by following the data flow of the CRM application and its lifecycle. Those checklists are prepared on the basis of models of cloud computing such as deployment models and services models. With this project, the main concern is to present the cloud computing implications through the large database enterprise CRM application and achieving the desired level of security with design and implementation of IT auditing technique. They claim that with this proposed methods for the CRM applications, they will provide the security, regulations, and compliance of such cloud computing environments.
7) Kamel, S. , Abouseif, M. ( 2015) . A Study of the Role and Impact of Cloud Computing on Small and Medium Size Enterprises (SMEs) in Egypt:
Objectives: This paper aimed to analyze the business potential of offering cloud computing services to small and medium-sized enterprises (SMEs) in Egypt. It addressed the challenges that need to be tackled to maximize the utilization of cloud computing services and the role and prospects to be played by SMEs in transforming the economy in Egypt. SMEs are invaluable to fuel economic development and growth as well as creating employment opportunities in emerging economies especially in markets like Egypt with a massive youth opportunity represented by the current population demographics and projected growth ratios. The combination of youth, technology and the emergence of an entrepreneurial culture could represent the successful and much-needed ingredients for an ideal platform to support socioeconomic development moving forward. Several previous studies indicated a clear correlation between the proper adoption, diffusion, and adaptation of information and communication technology (ICT) and the development and growth of revenues and jobs among startups due to the prospects of emerging technologies that can categorically empower SMEs. In the world of cloud computing, ICT can help SMEs leverage an already existing and growing interconnected global community of consumers, businesses, industries, and markets of unprecedented and still growing size.
This study highlighted some of the facts and developments in the space of SMEs and the emerging role ICT is playing in the entrepreneurial ecosystem with a focus on cloud computing deployment and the associated challenges, opportunities and underlying potential in the context of an emerging economy, Egypt. The research methodology deployed in the study is primarily based on qualitative data generated through a series of one-to-one semi-structured interviews with different representatives of various stakeholders.
Finding: This research concluded that the cloud computing is arguably the most innovative breakthrough the IT industry has witnessed since the move from mainframes to personal computers. Entrepreneurs are increasingly looking at cloud solutions for regular analysis of data that can help grow their businesses.
However, with the opportunities created that are mentioned above such as organizational cost savings and flexibility to scale-up or down the IT infrastructure, there are still a variety of impediments. In the context of SMEs in emerging economies, there is a great interest in cloud computing given the less complexity required and the opportunities created.
Based on this study and confirming other previous studies, greater use and diffusion of ICT among SMEs and with the rapid penetration of cloud computing by SMEs, the potential to boost productivity and create job opportunities could be magnified. In other words, the concrete impact could be both economical and societal. In general, the adoption of cloud computing offers smart, quick and efficient services that can help achieve local and global competitiveness, the critical success factor remains the availability of the required human skills and capacities.
Arguably, with the proper deployment of emerging technologies and new business practices, SMEs can grow by about 20% per year as indicated by many of the entrepreneurs and experts interviewed for this study. However, effective investment in human capital is a priority. They are the differentiating factor and they need to be aware and knowledgeable of what technology can offer. The promising future of Egypt as is the case of many emerging economies will depend less on a few large leading projects in traditional industries and businesses and more on the widespread of unconventional innovative and entrepreneurial ideas and projects that would engage the technology youth community and that can help create a platform for job creation and employment. Startups and SMEs are agents of change and vehicles for economic development and new industries, new breakthroughs and new ventures were always created by new and growing companies.
To sum it up, Egypt needs to establish an ICT-driven ecosystem capitalizing on a creative and talented youth opportunity that can become the base for an entrepreneurial culture and a startup nation.
8) Koparkar, P., & MacKrell, D. (2016). How Fluffy is the Cloud?: Cloud Intelligence for a Not-For-Profit:
Objectives: Business Intelligence (BI) is becoming more accessible and less expensive with fewer risks through various deployment options available in the Cloud. Cloud computing facilitates the acquisition of custom solutions for not-for-profit (NFP) organizations at affordable and scalable costs on a flexible pay-as-you-go basis. In this paper, they explored the key technical and organizational aspects of BI in the Cloud (Cloud Intelligence) deployment in an Australian NFP whose BI maturity is rising although still low. This organization aspires to Cloud Intelligence for improved managerial decision making yet the issues surrounding the adoption of Cloud Intelligence are complex, especially where corporate and Cloud governance is concerned. From the findings of the case study, a conceptual framework has been developed and presented which offers a view of how governance could be deployed so that NFPs gain maximum leverage through their adoption of the Cloud.
Finding: In this paper, the authors argued that cloud governance is essential in this process to align organizational goals with the benefits that can be gained from cloud deployment. They presented a conceptual framework in which suggests that responsibility of governance should remain within the organization, although the responsibility of managing other IT functions may usefully be handed over to the cloud provider. Cloud governance facilitates a better fit for cloud computing services into existing processes of organizations to achieve business and financial objectives. Cloud governance assists to maintain centralized decision-making process which is in-line with the overall strategy of the organization. Governance is not something that can be considered as ‘nice-to-have’, it is something that every organization ‘needs-to-have’. There are undoubtedly a number of risks and uncertainties in transitioning to the cloud, so strong governance and control are an essential part of any decision to move to the Cloud.
This paper represented in one document some of the issues along with governance, security, and risk management issues associated with cloud computing before making any decision about implementing cloud intelligence. A major contribution of this study would be towards the practical aspects of understanding the technological needs of an NFP organization and tackling accordingly the security concerns and threats that arise from using the cloud. As more and more data moves from on-premises to the cloud, it will become more feasible for NFPs and SMEs to deploy BI in the cloud.
Comments: One of the limitations of this paper was that the frameworks have not been validated against supporting data at an operational level. Further research would be required to provide evidence of the effectiveness and feasibility of having in-house cloud governance by SMEs and small NFPs.
Nevertheless, the views presented in this paper about the responsibilities of governance have the potential to stimulate debate.
9) Gholami, A.(2016). Security and privacy of sensitive data in cloud computing: a survey of recent developments:PHD.Thesis Stockholm, Sweden 2016
Objectives : Cloud computing is revolutionizing many ecosystems by providing organizations with computing resources featuring easy deployment, connectivity, configuration, automation, and scalability. This paradigm shift raised a broad range of security and privacy issues that must be taken into consideration. Multi-tenancy, loss of control, and trust are key challenges in cloud computing environments. This paper reviewed the existing technologies and a wide array of both earlier and state-of-the-art projects on cloud security and privacy. They categorized the existing research according to the cloud reference architecture orchestration, resource control, physical resource, and cloud service management layers, in addition to reviewing the existing developments in privacy-preserving sensitive data approaches in cloud computing such as privacy threat modeling and privacy enhancing protocols and solutions. Also, it can be summarized in 3 main questions as follows:
Q1: Can they develop a methodology to formulate privacy
requirements and threats to facilitate compliance with data
protection regulations?
Q2: How do author build privacy-preserving cloud-based systems
from existing approaches in security and privacy?
Q3: How do author increase the safety of an Operating System
(OS) by reducing the risk of kernel exploits?
Finding: This paper surveyed recent advances in cloud computing security and privacy research. It described several cloud computing key concepts and technologies, such as virtualization, and containers. They also discussed several security challenges that are raised by existing or forthcoming privacy legislation, such as the European Union( EU), Data Protection Directive (DPD) and the US Health Insurance Portability and Accountability Act (HIPAA).
The results that were presented in the area of cloud security and privacy are based on cloud provider activities, such as providing orchestration, resource abstraction, physical resource and cloud service management layers. Security and privacy factors that affect the activities of cloud providers in relation to the legal processing of consumer data were identified and a review of existing research was conducted to summarize the state-of-the-art in the field.