Premium
Cloud Software: How to Validate Third‐Party Vendors
Author(s) -
Fanning Kurt
Publication year - 2014
Publication title -
journal of corporate accounting and finance
Language(s) - English
Resource type - Journals
eISSN - 1097-0053
pISSN - 1044-8136
DOI - 10.1002/jcaf.21968
Subject(s) - outsourcing , compliance (psychology) , cloud computing , third party , service (business) , service provider , control (management) , point (geometry) , business , software , computer science , internet privacy , accounting , computer security , marketing , psychology , social psychology , geometry , mathematics , artificial intelligence , programming language , operating system
The increased outsourcing of applications and data processing by firms raises an important issue: How should you validate the actions of the third‐party vendors? The Sarbanes‐Oxley Act and other compliance issues require some form of judgment of those actions. This article explains the authoritative guidance for reporting on such service organizations. The author looks at assessing the validity of the service provider's internal control, privacy compliance, and other aspects from both the user's and deliverer's point of view.