Cloud Computing Essay Introduction
The Cloud Computing Essay introduction presents a brief summary of the current information technology situation that prompts the necessity for thorough IT auditing, control, and security concerns in the field of IT. Further, it provides a detailed justification of the significances of IT-governance and the motivation behind this master thesis and the rationale for the study. Lastly, included in the introduction are objectives of the study, hypothesis, and the thesis structure. The following discussions detail the aforementioned parts. Get the legit paper writing services now!
Cloud Computing Essay Current Situation of Information Technology
The massive integration of IT in the business processes is making the global market highly competitive and more complex for businesses to survive. The complexity, however, comes with benefits like new niche markets and drawbacks such as insecurities, which might lead to business insolvency. Traditionally, Cloud Computing Essay mainly depended on locked and secured mainframe facilities.
However, these security systems proved to be susceptible to computer viruses. Besides, due to advancements and innovation of new technologies, computer malware worms are becoming even more complex and destructive with the abilities to act in microseconds (Rasheed, 2014).
In most cases, hackers aim at exploiting the vulnerabilities existing in organizations with a major concern on accessing and corrupting employee, customer, and the entire organizations’ most sensitive data such as financial details and biodata. To counter such risks, the organizations are shifting their focus on common risk factors such as inadequate FireFighter controls, vulnerabilities of security infrastructure, misalignment in application controls, and improper segregation of duties (Chen, Paxson, and Katz, 2010).
One of the most effective tools utilized by organizations is the SAP enterprise resource planning systems, which has multiple applications and modules for effective and efficient management of business processes. This paper focuses on the applicability of SAP for IT cloud compliance.
Cloud Computing Essay and Cloud Compliance
The advancing and expanding network and internet bandwidth together with virtualization technology have resulted into a new category of utility computing that enables computer users to utilize the computing resources instantly based on their demands and in more flexible fashion (Hoss et al. 2010).
According to the National Institute of Standards and Technology (NIST) (www.nist.gov), Cloud Computing Essay refers to “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” The figure below shows the Cloud Computing Essay based on NIST understanding.
Cloud Computing Essay as defined by NIST (www.nist.gov)
Cloud Computing Essay has led to drastic changes in the field of information technology, presenting several vital applications. Initially, companies depended on the traditional data storage systems for storing and transferring data from one party to another. Some of the common traditional methods of storing and transferring data include USB sticks, external hard disks, floppy disks, and magnetic tapes, among others (Pearson, 2009). However, these methods have numerous drawbacks such as high operating costs, data insecurities, time consumption, and a necessity for additional infrastructure.
Driver | Traditional System | Cloud Computing Essay |
---|---|---|
Investments | High, especially for new hardware and running a new company | Low: involves pay-per-use format |
Reliability | High initial and operating costs | Low: cloud architecture is integrated |
IT infrastructure | Sophisticated | Contain basics only |
IT environment | Intricate | Modular architecture |
On the other hand, Cloud Computing Essay comes as a relief to most companies since the technology offers solutions to traditional storage challenges. Cloud storage service include Dropbox, ownCloud, and Apple iCloud (Aumueller, 2010). With the cloud computing technology, the start-up companies do not have to invest heavily in hardware for their data, instead, such companies only have to rent Software as a Service product (SaaS) like Google Mail for providing email services and Office 365 software for performing different office applications (Business_Insider, 2011).
Besides, Cloud Computing Essay provides secure data storage platform with an ideal end to end encryption; thus, there are minimal chances of data corruption compared to the traditional systems. Cloud technology also offers high usability and a user-friendly interface, which eradicates the need for staff training. Therefore, companies using cloud computing services can concentrate on developing real products, rather than focusing on data center design, purchase of hardware, and training of personnel.
Companies utilizing cloud technology either outsource their services to cloud service providers (CSP) or implement the technology in their data centers to enhance flexibilities and increase IT resources deployment rate (Cloud, 2011). The efficiency, convenience, flexibility, on-demand feature, and cost benefits underpin the popularity and the increasing demand for cloud computing technology in today’s market.
The table below identifies the most crucial drivers for cloud computing, such as small investment, low operating costs, standards, and sustainability issues. The basic drivers exemplify the solutions that Cloud Computing Essay as compared to the traditional IT infrastructure. In support of the cloud drivers, IDC surveyed the benefits of cloud computing in late 2009, and the responses were as shown in the figure that follows.
A comparison between traditional IT system and Cloud Computing Essay

Cloud Service Delivery Models
Cloud Computing Essay service providers deliver the cloud services in three different models; infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) (Carlin & Curran, 2013). Infrastructure as a service comprises of hosting physical or virtual machines in a data center environment. The service providers supply resources on-demand based on client’s requirements. Therefore, a company only pays for the resources that they are utilizing.
Some of the popular IaaS vendors and products include Amazon, (Elastic Computing Cloud and Simple Storage Service, S3), GoGrid, and Rackspace (Carlin & Curran, 2013). Platform as a service, on the other hand, refers to where cloud service providers deliver a computing platform, which involves hosting operating system and web servers among other computing platforms. Popular vendors of PaaS are Google (Google App Engine), Salesforce (force.com), and Microsoft (Azure) (Carlin & Curran, 2013).
Lastly, software as a service refers to where cloud users are granted access to various application software and databases. The role of cloud providers here includes managing both the infrastructure and platforms operating the applications. Consequently, this model eliminates the need for private installation and management of business software.
Some of the popular SaaS vendors include Google (Google Docs and Google Mail), Apple (iWork.com), and Microsoft (MS Online Services) (Carlin & Curran, 2013). The following figure illustrates the three Cloud Computing Essay service delivery models.
Cloud Computing Essay delivery model (alltasksIT, 2014)
Security is one of the major targets of CSP. However, to ensure effective data security and minimal loopholes for data breaches, cloud providers have a clear set of security standards and guidelines. This is what we refer to as Cloud Compliance. Cloud compliance simply implies complying with the set laws and regulations needed for using cloud services.
The laws and regulations do not deter companies from adopting cloud technologies, but they have significant impacts. The laws differ from country to country and type of data a company deals with (Garrison, Wakefield, & Kim, 2015). Therefore, before moving to the cloud, it is critical for a company to know the countries where the data will be processed, the laws and regulations needed and then follow them to the letter.
Cloud Computing Essay service providers have set different types of laws, which include data protection laws, data sovereignty laws, information access laws, and data localization laws (Cloud, 2011). These laws apply based on the security measures that a company employs while using cloud technology services. The figure below illustrates the essentials that a company should focus on under cloud compliance.

For effective management of different departments within an organization and steady flow of activities within an organization, companies use different software such as the SAP ERP Software, Oracle, Microsoft Dynamics, NetSuite, INFOR SunSystems, and QAD-Y (Fuchs, 2018). SAP ERP is an enterprise resource planning software developed by SAP SE, a German company.
The software incorporates vital business operation functions such as materials management, production planning, logistics, quality management, financial and Managerial Accounting Assignment Help, and health and safety controls (Kale, 2014). SAP enterprise resource planning is vital since organizations can have a centralized location where different departments within the organization can easily access information in order to harmonize activities of such departments.
Consequently, this will result in increased revenue, reduced costs of production, and effective customer satisfaction. The figure below illustrates the concept of SAP centralized information system.

IT Audit Compliance Cloud Computing essay
The Information Technology (information systems) audit or rather referred to as automated data processing audits (ADP audits) refers to the examination of management controls in the IT infrastructure (Gantz, 2013). IT auditing involves a careful analysis of the evidence to determine whether the information systems within an organization are functioning as intended (Wright, Freedman, & Liu, 2008).
The functionalities include safeguarding assets, ensuring data integrity, and effective operation geared towards the organization’s goals and objectives. The examination and evaluation may be carried out in conjunction with external and internal audits, financial statement audit, and other attestation engagements. The management of any organization is responsible for ensuring proper alignment of IT resources following the business strategies, activities, and goals.
There are common frameworks that facilitate the concept of IT-governance. The common frameworks include COBIT, ISO 20000, ITIL, COSO (Moeller, 2010). IT-governance, risks, and compliance have a close linkage and are implemented inseparably in the business field as Governance-Risk-Compliance, GRC.
The IT audit frameworks are essential drivers to implementation and integration of cloud technology since the major concerns are compliance and data security. As cloud computing technology continues to advance, IT-governance and IT-compliance continue to undergo vital changes to incorporate the new set of emerging risks.
Motivation
The increasing complexity in business structures, fluctuating demands in the market, and the ever-advancing technology drive the need for a quick resolution to emerging issues. IT audit compliance plays a vital role here by ensuring the strategies and tactical instruments are aligned with IT as business demands. According to Becker & Bailey 2014, this alignment incorporates rules and legal requirements, economic frameworks, certifications, and relevant business philosophies.
Similarly, the IT field is advancing and becoming increasingly complex, which necessitate the need for more advanced and sophisticated auxiliary measures for supporting businesses. For instance, cloud computing is one of the new concepts in IT design whose implementation requires customers to comply with certain set conditions and rules.
However, IT-governance is a broad domain, which includes interactions with risk and compliance issues. Considering this fact, it is prudent to concentrate on specific IT-governance subdomain. Similarly, data security is equally big and often a controversial topic of discussion as witnessed in most of the German public forums (Becker & Bailey, 2014), thus, compliance to appropriate IT infrastructure is essential for sustainability and continuity of business entities, for instance, complying to tax authorities.
Besides, the risk of possible misuse of both private and business information is on the rise and may lead to complete insolvency or prosecution for a company. Therefore, this dissertation focuses entirely on IT-compliance of data security with a special concern of whether SAP is the best practice for IT cloud Compliance.
The above circumstances are the motivation behind this master’s thesis and the research question may be summarized as follows:
“Is IT audit compliance data security possible and transparent with Cloud Computing Essay?”
Objectives of the Study
The already existing literature review on fields relating to cloud computing security systems exhibit the presence of multiple gaps and limitations. The following are some of the limitations of cloud computing security.
- The existing security frameworks and guidelines are of high level and lack the necessary technical depth and requirements, especially for IaaS cloud services.
- There are SaaS audits; however, IaaS cloud audits are missing
- The existing cloud audits demands for special auxiliary hardware
- There is no security language for IaaS cloud audits.
- There are no cloud data set, including cloud-specific attacks that are available for free.
Therefore, this master’s thesis on IT audit compliance and Cloud Computing Essay develops a comprehensive IT auditing system. The objective of this thesis is to identify specific cloud security issues, especially in IaaS clouds and the most appropriate ways to address them. The development of flexible, on-demand cloud technology is the most applicable means of achieving such security solutions. The research has the following major areas of concern.
- To identify and contrast the traditional and emerging cloud-specific security issues for clouds
- To investigate changes needed in the security audits for appropriate addressing of the identified cloud-specific security challenges.
- To assess the necessity and requirements of IT audit, that is, contributing to the compliance and sustainability in today’s digitalized organizations
- To assess the definitions provided by the COBIT model on requirements and best practices
- To investigate possible adaptations or alternatives to the COBIT model
- To assess the appropriateness of SAP as the best practice for IT Cloud Computing.
Cloud Computing Essay Problem Statement
With highly publicized incidences of data loss and increasing security risks, many organizations struggle to develop and maintain a strong information technology (IT) control environment to mitigate IT risks. In order to manage risks and security concerns effectively, there is a need for organizations to do a thorough IT audit to ensure all the IT resources are in line with the strategies, operations, and aims of an organization.
There are well-designed internal control and IT audit frameworks such as COBIT, COSO, ITIL, and Sox among others that organizations follow to ensure effective review of the information systems. The ultimate goal of having audit frameworks is to enhance security and efficiency in operations, which are among the major targets of cloud computing. Therefore, this thesis paper illustrates the standards and guidelines needed in IT auditing and significances of complying to such guidelines.
Cloud Computing Essay Thesis Structure
The thesis addresses the objectives mentioned above in details, and it is organized into five Chapters as follows.
Cloud Computing Essay Chapter One
The necessity and requirements of IT audit, i.e. contributing to compliance and sustainability, in today‘s digitalized organizations. The chapter begins with an introduction to the general IT audit concept.
The chapter identifies cloud-specific security issues and how cloud security audits would adapt to be appropriate measures necessary for mitigating the presented security issues. The chapter proceeds by identifying the necessities and requirements needed for effective IT audit in an organization. The chapter ends with a detailed discussion of the benefits of IT audit in an organization.
Cloud Computing Essay Chapter Two
How IT audit fits into compliance – regulations, and standards for IT governance. This chapter presents the general concept of rules and regulation in IT auditing and cloud computing technology. It starts with an introduction to regulations and standards for IT governance.
It then presents an analysis of how an IT audit fits in the identified rules and regulations for IT governance. Next, the chapter covers the COBIT model, identifying requirements and best practices for the model. The chapter ends with a detailed discussion of the alternatives and possible adaptations of the COBIT model.
Cloud Computing Essay Chapter Three
Adopting the standards into applied processes and models in the organization. This is the most vital chapter in this research. It begins with an introduction of common applied processes and models in an organization and how to adopt standards into such processes and models.
For an effective presentation of the concept, the chapter provides a case study, SAP SE Case Study, an example of the best practices of IT operations excellence and IT audit compliance. Further, the chapter also provides a comparison with some of the publicly available information from cloud industry competitors like Azure, AWS, Google, and Salesforce. The chapter finishes with a discussion of how the key competitors to SAP in the cloud market add value to the industry.
Cloud Computing Essay Chapter Four
Audit/Compliance to regulations and standards. Chapter four fosters the concept of audit and or compliance with regulations and standards. The chapter identifies specific rules and regulations required in order to mitigate specific cloud security issues. The chapter wraps with a discussion on the importance of compliance with regulations and standards.
Cloud Computing Essay Chapter Five
Conclusion and Recommendations. Finally, chapter five presents the main conclusion of the entire research, identifying key findings, takeaway points, and limitations encountered. Conclusion entails restating of the research objectives and how the entire research has realized them. The thesis also provides appendices to support the discussion of the research chapters. The recommendation section details suggestions for appropriate risk management strategies with relevant models, flowcharts, steps, and instructions to be followed.
Each chapter begins with an introduction of the respective research areas. After the introduction, the aims of the research subtopic are formulated and developed throughout the subtopic discussion. After discussing every topic in details, the chapters end with a summary of the presented work.
Cloud Computing Essay Chapter One: The Necessity and Requirements of IT Audit
This chapter aims at presenting the general concept of IT audit and contributions to compliance and sustainability of today’s digitalized organization
Cloud Computing Essay IT Audit
An IT audit refers to the process of examining and evaluating an organization’s technology infrastructure, policies, and operations (Gantz, 2013). According to ISO 190011:2018, an audit refers to “systematic, independent, and documented process for obtaining audit evidence (records, statements, fact, or other relevant and verifiable information) and evaluating the objectivity in order to determine the extent of fulfillment of audit criteria.”
The objective of Information Technology audits is determining whether the current IT controls to protect the company’s assets, ensure data security, and are in perfect alignment with the business’s overall goals and objectives. Therefore, IT auditors do not only examine the physical security in a company but also analyzes the general business and financial controls that involves the application of information technology systems……..
Cloud Computing Essay Bibliography
-
- Becker, J., & Bailey, E. (2014). A comparison of IT governance & control frameworks in cloud computing.
- Business Insider. (2011) Amazon’s Cloud Crash Disaster Permanently Destroyed Many Customers’ Data. [Online]. Accessed on 17 August, 2019
- Carlin, S., & Curran, K. (2013). Cloud computing security. In Pervasive and Ubiquitous Technology Innovations for Ambient Intelligence Environments (pp. 12-17). IGI Global.
- Chen, Y., Paxson, V., & Katz, R. H. (2010). What’s new about cloud computing security. University of California, Berkeley Report No. UCB/EECS-2010-5 January, 20(2010), 2010-5.
- Cloud Security Alliance. (2011) Governance, Risk Management and Compliance (CSR). [Online]. Retrieved on 17 August, 2019.
- Gantz, S. D. (2013). The basics of IT audit: purposes, processes, and practical information. Elsevier.
- Garrison, G., Wakefield, R. L., & Kim, S. (2015). The effects of IT capabilities and delivery model on cloud computing success and firm performance for cloud supported processes and operations. International Journal of Information Management, 35(4), 377-393.
- Garrison, G., Wakefield, R. L., & Kim, S. (2015). The effects of IT capabilities and delivery model on cloud computing success and firm performance for cloud supported processes and operations. International Journal of Information Management, 35(4), 377-393.
- Hoff, C., Johnston, S., Reese, G., & Sapiro, B. (2010). Cloud audit 1.0-automated audit, assertion, assessment, and assurance api (a6). Internet Engineering Task Force, Internet-Draft draft-hoff-cloudaudit-00.
- IDC, 2009. IDC09] IDC. Enterprise panel 3q09.
- Kale, V. (2014). Implementing SAP CRM: The guide for business and technology managers. Auerbach Publications.
- Pearson, S. (2009, May). Taking account of privacy when designing cloud computing services. In 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing (pp. 44-52). IEEE.
- Rasheed, H. (2014). Data and infrastructure security auditing in cloud computing environments. International Journal of Information Management, 34(3), 364-368.