Is the Cloud Right for our Compliance Management Needs?

Posted by Craig Thornton

Key considerations before saying ‘yes’ to the cloud

So you’ve found a compliance management software solution that you like the look of. It seems to have all the ‘bells and whistles’ you need and, as such, from a solution-fit point-of-view, it ticks enough of your boxes.

But it’s a cloud-based solution and because you’re not an IT person, that’s outside your comfort zone.

Of course you’ve heard everybody talking about the cloud and whilst it’s undoubtedly the biggest buzzword in technology at the moment, it can’t all be a bed of roses, can it?

The short answer is of course not – as with most new things there are always potential downsides.

But what might those downsides be and how do you go about understanding them?    

 

cloud-computing-for-compliance-management.jpg

 

Look Beyond the Shiny Stuff

I’ve always thought that choosing new software is a bit like buying a new car. Chances are your preferred model will be a lot better than your existing car – and probably a few other ‘newbies’ that you’ve looked at. But it probably won’t be perfect and once you’ve got over the buzz of the test drive and the pitch of the smooth-talking salesperson, there are other factors to take into consideration. 

I’m sure you get the picture; things like running costs (fuel, maintenance, etc.) and whether your passengers/other drivers will like it as much as you do. There might also be a few things you love about your existing car that the new one doesn’t have - or do as well.

Likewise, with software, there are some key considerations beyond the shiny stuff that you should be aware of.   

The trick then is to do enough research and ask enough questions so you can objectively compare those potential downsides against the benefits. Only then can you be sure that the cloud is right for you and you know that the benefits definitively outweigh any downsides and sacrifices you’ll have to make.

Here’s the areas that I suggest you investigate: 

  1. Data & Security

    One of the questions that often gets forgotten with the cloud is where exactly is the data physically held? Call me old fashioned, but I think that sort of information is quite important – especially since it’s your data!

    Of course, you may not be able to influence the outcome, but you still need to know – especially since in some parts of the world (Europe in particular), there are stringent laws around all this. 

    Next, you want to seek assurances about data security (not forgetting that even some of the biggest, most well-known companies in the world have been the victims of data breaches).

    Thankfully, this isn’t as onerous as it might sound because the software vendor should be able to give you a document that clearly spells out what measures they take to secure your data and their software.

  2. Implementation & Training

    No matter how you spin it, implementing new software and getting it embedded in the organisation isn’t trivial. And whilst cloud solutions typically promise faster, easier implementations, there’s still effort required from both parties. 

    So not matter how trivial, you need to know what’s required, how long it’s going to take, who’s responsible and who needs to be involved.

    A key consideration here will be any existing data you want to use with the new software.  Will it need to be cleansed or manipulated first and how will it get loaded?

    You should also find out how ‘acceptance’ is defined, i.e. at what point are you deemed to have accepted that the software is fit-for-purpose. 

    And then of course, there’s the cost. Do you understand how much implementation and training is going to cost and how it’s calculated? 

  3. Change Management

    Over and above the initial implementation and training, you should also consider the bigger issue of change management. 

    No matter how good a ‘fit’ the software is and how easy it is to configure, there will inevitably be process change.

    This will inevitably change how people do their jobs – things like the tasks they’ll perform, how they’ll interact with the software and the frequency of use. 

  4. Device Flexibility

    Related to the above point about user-interaction is the question of device flexibility.

    Gone are the days when people need to sit in front of a desktop PC to interact with software. Thankfully, we now have laptops, tablets – even smartphones.

    The good news with cloud apps is that, generally speaking, they lend themselves well to use on smaller devices. But don’t just assume – find out what types of hardware (and browsers) are supported so there’s no nasty surprises later.    

  5. Money Matters

    One of the key differences between traditional software and cloud apps is how you pay for them. With traditional software you tend to pay a significant upfront licence followed by an ongoing support fee. 

    However, most cloud vendors use what is commonly known as a subscription-based pricing model.  All this means is that you pay a recurring amount – typically monthly – to ‘subscribe to’ (i.e. use) the ‘service’ (i.e. the software). A good analogy here is to think of how you buy electricity or home broadband, for example.   

    And whilst most companies (especially SMBs) prefer the subscription-pricing model, it doesn’t suit everyone.

    You also want to understand at what point the price might change – for example, what if you need more (or less) users, what impact will that have? These are all good questions to ask so you know exactly how the money-side of things is going to work.  

  6. Ongoing Support & Upgrades

    As noted above, whilst cloud vendors tend to bundle their support fees in with the subscription, you still need to know what support you’ll receive. That means understanding the support process and whether there are any limits.

    Then there’s software updates and upgrades. Again, you want to know what’s included within your subscription and how the process is managed. Generally speaking of course, upgrades are good things as you benefit from new functionality but oftentimes you won’t be able to control when these are released (they’ll just happen automatically).

    That means you should seek assurances that the upgrade process won’t muddy your door with features that you just don’t want or simply aren’t ready for. 

  7. Background Checks

    Here is not the place to start explaining technical jargon like APIs and Web Services but it’s the reason why integration is a key benefit of the cloud.

    This means it’s easy to integrate with other cloud apps - and even your in-house systems. Thus a cloud compliance solution can be readily integrated with data from a wide variety of data sources with minimal effort.

    And as you scale with a cloud app, there’s no need to invest in server capacity and software licenses. Simply adjust your subscription and you’re good to go. 

    This is the bit where you look for validation that the software vendor actually knows what they’re doing. Sure, they seem to be able to crank-out good software but are they a professional, well-run business? And is there strong evidence that their existing clients hold them (and their software) in high regard?

    It doesn’t take much to perform some basic background checks so why wouldn’t you?   

  8. The Legalese

    Be honest now, when was the last time you were updating the software on your smartphone and actually read the terms & conditions before accepting them? Umm… thought so. Me too by the way!

    Unfortunately, sometimes you’ve just got to read the small print – especially since you’re committing your company to those terms.

    Chances are there won’t be anything in there that concerns you but isn’t it better to be safe than sorry? Also, most agreements these days are written in plain English so gone are the days when you had to pay a lawyer to ‘translate’ it for you.     

The takeaway

If you’re not an IT person, the idea of the cloud can seem both attractive and a little daunting.

However, if you take the time to do a little research and ask the right questions, you’ll be a lot more informed.

Sure, there’s a lot to like about the cloud, but as with anything new, change is inevitable. Do yourself a favour, find out what those changes will be before you sign on the dotted line. 

Tags: QHSE, Compliance, Cloud Computing