Cloud Computing Basics

The term cloud computing came in existence is last decade while the concept and types of cloud computing services existed in one or the other form for past two decades. The name cloud computing is given to specify that organisations don’t have to worry about where there IT Infrastructure and Application Software are hosted, instead organisations can focus on the IT services they need to meet their fast changing customer requirements.

In past three decades business process automation has gone to the extent that IT has become a key part of all business transformation initiatives to help automate and enable the organisations to achieve their goals. IT services are more and more seen similar to utility services that are reliable, scalable and paid by usage. Cloud computing is also focusing on provide IT services as utility while keeping in mind that utility service needs vary from organisation to organisation. E.g. The power supply and water are the generic utility services and full fill basic need of electricity and water for the customer. But as the need for customer varies so the utility services vary and accordingly the service costs. The need of an industrial organisation is different to the need of an individual customer.

Cloud Computing focuses on providing IT services as utility services and has three types of service offerings which are briefly explained below,

SaaS – Software as a Service : SaaS offering covers the full stack of IT from the hardware all the way up to the software application service. The service is focused on pay for use and generally operates on the pay per use based on number of users and duration of use. E.g. Microsoft Office 360 costs $30 per user per month for online office application software usage.

PaaS – Platform as a Service: PaaS offering covers the IT stack up to providing a platform that business can use to build / manager their own applications. This service is also focused on pay for use and operates based on type of platform and number of applications to be run on the platform as well as any value added service additions. E.g. A company offering PHP and My SQL platform that can be used by organisations to build and host their own applications.

IaaS – Infrastructure as a Service: IaaS offering covers the IT stack upto the Infrastructure layer, in simple words up to Operating System level. The service is also focused on pay for use and operates based Infrastructure usage like hardware and storage. E.g. Hosting providers like Rackspace, Amazon and T-systems offering standardized, virtualized and secured infrastructure hosting that individuals as well as organisations can use for hosting their application platform and application software solution.


Sarbanes-Oxley Act Basics and ERP Systems

Sarbanes-Oxley Act Basics

From year 2000 to 2002 several large corporate companies are caught in series of frauds in area of financial practices and reporting. Examples of Enron and WorldCom lead to creation of Sarbanes Oxley Law, also called as SOx and known as  ‘Public Company Accounting Reform and Investor Protection Act’ (in the Senate) and ‘Corporate and Auditing Accountability and Responsibility Act’.

The SOx Act was activated in year 2002. The Act was named after Paul Sarbanes and Michael G Oxley who sponsored and helped in creating this law to implement stricter controls for companies financial reporting, auditing and corporate responsibility.

Reason for the Act and its implications

The SOx (Sarbanes Oxley Act) act was created in response to the financials frauds of Enron and WorldCom companies. The Act applies and puts in place stricter controls for all publicly listed companies in US as well as it applies to all companies the audit US based publicly listed companies. The Act does not apply to private companies.

Securities and Exchange Commission is accountable for checking that public companies adhere to SOx compliance, rules and regulations. Additionally the Public Company Accounting Oversight Board is helping to ensure the accounts auditing firms are doing their roles correctly and independently ensure SOx compliance of companies audited by them.

The SOx Act has eleven sections with several sub sections detailing each section. The sections are focused on Public Company Accounting Oversight Board, Auditor Independence, Corporate Responsibility, Enhanced Financial Disclosures, Analyst Conflicts of Interest, Commission Resources and Authority, Studies and Reports, Corporate and Criminal Fraud Accountability, White Collar Crime Penalty Enhancements, Corporate Tax Returns and Corporate Fraud and Accountability.

The Key Implications of SOx Act are,

Section 302 – Corporate responsibility for financial reports: Requires the CEO and CFO to be fully accountable and responsible for financial reports accuracy. It requires both officers to be responsible for internal controls that enable full transparency, accuracy and timely reporting of changes affecting financial reports. It also requires the officers to highlight any gaps in the internal controls and required corrective action.

Section 401 – Disclosures in periodic reports: Asks for full transparency of financial reports on period basis (e.g. quarterly). It requires companies to submit financial reports with full clarity on deviations like off balance sheet transactions reporting.

Section 404 – Management Assessment of Internal Controls: Focuses on defining the internal control measures and responsibility for internal controls implementation and day to day use. It also requires an audit and information on yearly basis of the effectiveness of the internal controls being practices by the organization.

Section 409 – Real Time Disclosure: Requires companies to do real time disclosure of change in financial situation due to material and operation changes in the company.

Section 802 – Criminal Penalties for altering documents: Defines the penalties for companies for altering financial documents, document/transaction audit logs and alteration of audit results.

Section 806 – Whistleblower protection: Empowers employees in organization to be able to report back on any fraudulent activities by protecting them.

How does MySAP ERP meet these implications

MySAP ERP is created based on leading industry best practices that meet, suite and support company needs from process automation to compliance to creating transparency and control. The solution helps companies to deploy industry standard internal controls that help companies to practice and comply easily.

SOx require companies to be faster, timely, accurate and transparent in their financial reporting and accounting practices. My SAP ERP is helpful in enabling companies to achieve above with industry standard processes and automation tooling.

MySAP ERP has internal control management sub module that helps in business process modeling, internal controls documentation and identifying improvements required in any control processes. It makes available management reports and dashboard that help C-level executives to check the state of accounting and internal controls used. This helps in enabling SOx compliancy for Section 302 – Corporate responsibility for financial reports and Section 404 – Management Assessment of Internal Controls.

MySAP ERP provides fully configurable financials and accounting module that helps organisations to setup their organisation structure and reporting flexibly. The general ledger in MySAP ERP helps in full transparency and disclosure. Its available in such a way that using one information source, multiple reports can be generated which could be suitable for various needs like legal and management reporting. It helps companies to have periodic, timely, accurate and transparent reporting. This helps in enabling SOx compliancy for Section 302 – Corporate responsibility for financial reports, Section 401 – Disclosures in periodic reports and Section 409 – Real Time Disclosure.

MySAP ERP has a sub module available for capturing whistle-blower complaints. The sub module helps employees to send messages about accounting irregularities noticed, directly to the audit committee using electronic form which can also be made anonymous if required. This helps ensure whistleblower policy can be enabled with ease and with employee protection while keeping the company focus on improving the accounting practices. This helps in enabling SOx compliancy for Section 301 – Public company audit committees and partly Section 806 – Whistleblower protection.

MySAP ERP helps deploy stronger internal controls and segregation of duties by creation of authorisation profiles that restrict users to specific roles and transactions in the system. This helps in ensuring strong authorisation control and prevention of possible miss use of data due to clear visibility of segregation of duties related conflicts. All in all it helps improve audit compliance and reinforcement of controls and governance. This helps in ensuring compliance for SOx Section 802 – Criminal Penalties for altering documents.

MySAP ERP has an in built audit information system, that allows internal and external independent auditing firms to do structured audit reviews. The system has preconfigured set of reports and activities that help auditors go through to validate required compliance as well as find out gaps and improvements. This helps internal and external SOx auditors in performing relevant audit checks in a structured manner.

Convergence from Technology to Life – Part 1

We just completed a decade in the Millennium. In this 21st century; technology is playing key role in changing lives in every part of earth. I bet you to pick up any sector, any field of expertise, any job everything is touched by the automation and technology. Specially the Information technology is playing the key role in the everyday changes and is also responsible for the speed of change we all are experiencing day in day out.

Let’s talk about a few areas of our daily life and see how technology and especially information technology is enabling the change as well as a little glimpse of where the future is taking us.

Let’s start with communications. In 1990s we started using mobile phones which gave us an ability to be able to reach out to people as and when we need and every individual could hold one or more telephone numbers. Great leap in making communications speed up and ability to reach people much faster. On one side it helped everyone have their own communications device, although initially not everyone could have one but eventually it spread like utility service and became the need for everyone to have one phone at least. The mobile phones then took a leap in early 2000 to become smart phones to be able to do more than phone functions, like playing music, receiving emails, having calculators, calendars, contact books with more detailed information of individuals. This further enhanced with in few years of last decade to become as powerful as a laptop and also it continued to enhance its processing and storage capabilities to the level that its able to run most of the laptop functions. Today it has enhanced to the extent that it can be used like a mini PC/laptop to do automation activities. Its still not over as it continues to converge itself to be able to do even more sophisticated things that we couldn’t even do with our laptops as these services would only make sense on the mobile device, things like GPS navigation, GPS Image location tagging, Picture scan to know where we are and future unveils that soon we would be able to point our mobile device cameras to any location, landmark on the road and it would bring real time information about that location and possible services, promotions, businesses that exists in that location. Gone are the days of needing a yellow page, green pages to browse for business listings, its an online world where we need the information real time and its of value only when its real time available.

Let’s look at another example and this time focus on entertainment, let’s take TVs for example which are converged from small size CRT displays to large size plasmas to long lasting LCDs and now even more slimmer LED TVs. The core function of the TV has also enhanced itself from playing TV stations, to movies, to games, to photos, to music and now comes the time to bring the TVs to be Online connected to internet. The new ranges of TVs come with internet connection and possibilities to use them for internet browsing, live videos and movies streaming from internet. On one end the current LED TVs are bringing a very high end rich experience of HD images and 3D viewing right at your home then on the other end the convergence and disruptive innovation continues to evolve. The TVs are destined to converge fully using the latest lighting solutions, the Laser rays and Projection devices. The TVs as big size display device in a home will converge to a small size palm device projecting an High Definition Light Displays.