Independent University, Bangladesh

Course Title: Accounting Information Systems

Course ID: 441
Section: 01

Kluuvin Apteekki Pharmacy

Case Study
Submitted To: Mr. Naveed Adnan Sir
Submitter by
Name ID
Amira Binta Nazrul 1710436
 Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
2
(Case Study)

EXECUTIVE SUMMARY
According to this case study a sole owner of a small pharmacy business who have been suffering
from the workload of all the accounting processes that she have been doing by herself from the
beginning of her business. Even though she is not from business background she have been
doing her accounting related tasks very effectively. Recently she realized that should give more
time on the core of her business. So reducing her workload she thought of using cloud based
accounting information system for her business.

Cloud computing is a kind of on-demand availability of computer system resources, especially

data storage and computing power, without direct active management by the user. The term is
generally used to describe data centers available to many users over the Internet. It can save-up a
lot of time for her to think about business core rather than accounting management. The idea of
this study is to gather knowledge about importance, advantage and risks of cloud computing in
accounting information system.

In this case I tried to give answers to some questions that might help the reader to understand
more about cloud computing, its importance in business, benefits, security risks and mitigation of
the risks also whether price is an important factor for choosing cloud system or not. These
answers of case study can help the reader to develop his/her business with effective use of cloud
computing for accounting processes.

Page 2 of 10
 Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
3
(Case Study)

TABLE OF CONTENTS

Executive summary...................................................................................................2
Case Study Questions:...............................................................................................4
1. Which cloud-based accounting information system should Pia select and why?
................................................................................................................................4
2. Should Pia be worried about possible lock-in with either accountant or system
provider?.................................................................................................................5
3. How should Pia mitigate the possible data security risks?.................................5
4. Is price an important factor when choosing the system?....................................6
5. Prepare an approximately one-page summary highlighting the key
ideas/concepts/information in this case study........................................................7
References.................................................................................................................9

Page 3 of 10
 Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
4
(Case Study)

CASE STUDY QUESTIONS:

1. WHICH CLOUD-BASED ACCOUNTING INFORMATION SYSTEM SHOULD PIA

SELECT AND WHY?
Answer: Based on Pia’s situation, Pia should select the third system. It will offer fundamental
infrastructure of virtual servers, network, operating systems and data storage drives. It will
improve the flexibility, scalability and reliability of Pia’s pharmacy business. Even though
Kluuvin Apteekki is a small pharmacy business but the owner Pia is facing problem with the
financial administration tasks and for the workload of these tasks she was not being able to
concentrate on the core business of the pharmacy. Using the third system it can free up her time
to focus on her business.

It has high level of efficient interface unlike other two systems. It provides all-the infrastructure
to support web apps, including storage, web and application servers, and networking resources.
Pia can quickly deploy web apps on IaaS and easily scale infrastructure up and down when
demand for the apps is unpredictable, which means she can easily customize the app as she like.
Even though the monthly charge is higher for the third system rather than other two systems,
there are no transaction fees. It is also pay per use.

She was also facing problems with payroll processing since nine out of sixteen employees work
part-time, which means employee turn-over is high, the payroll system can change over time
which makes the payroll process more complex. The third system can also solve the problem. Pia
will be able to work with her accountants from any location through internet connection. She can
also check the status of her business in real time. She can freely choose the tasks she wants to
outsource and at the same time, maintain control over the process.

Page 4 of 10
 Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
5
(Case Study)

There are different deployment models Private, Public and hybrid. The third system provides all
three models. Private cloud is secure expensive and takes time to maintain on the other hand
public cloud is not secure since cloud providers control it. IAAS allows hybrid cloud model. The
idea of a hybrid cloud is to provide control on crucial parts of the process, while allowing public
cloud services to deal with routine and computing intensive tasks. So Pia will be able to easily
apart her intensive tasks so she can have control over those parts of the tasks.

2. SHOULD PIA BE WORRIED ABOUT POSSIBLE LOCK-IN WITH EITHER

ACCOUNTANT OR SYSTEM PROVIDER?
Answer: Pia should not be worried about lock-in with accountants or system providers. Since all
the data and tools are in the cloud she was worried about losing the security and privacy of her
data. In that case she can select private cloud to ensure that all the data and implementation of all
layers of cloud for example SaaS, PaaS and IaaS stays within the company IT. So she would not
have to change the system provider. Also while choosing a system provider pia needs to check
their business health, financial health, risk management, the provider should also be able to
validate compliance with all of your requirements through a third-party audit. It needs to provide
performance report. It needs to have technical capabilities. There should be a comprehensive
security infrastructure for all levels and types of cloud services. If Pia selects her system provider
based on availability of these things she would not have to worry about changing the system
provider. Again the third system is tied with accounting service. Pia is the one who will use the
cloud system so don’t need to worry about hiring an accountant. The cloud system is automated.
Which clarify that Pia does not need external accountants.

3. HOW SHOULD PIA MITIGATE THE POSSIBLE DATA SECURITY RISKS?

Answer: Pia can mitigate the possible data security risks many ways. Cloud computing is not
insecure primarily, it just needs to be managed and accessed securely. In network, there is no
complete security solution to protect data and app or services, but satisfactory risk management
can reduce the level of risks. So before selecting any service provider for her business she needs
to justify the things written down below:

Page 5 of 10
 Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
6
(Case Study)

Data Security and Control: The service providers need to have enough skills to prevent, detect
and react according to various security breaches. Service logs and service agreement terms
inspections are performed in a daily basis. Again there are some validity tests also required for
pia’s business to avoid security breach because of malicious data are in cloud such as: cross-sire
scripting, insecure configuration, SQL injection flaws and weakness in access control inside
companies policies. Service providers should provide transparent services (controls, security and
operations) for pia’s business.

Network Security: For a secure system to prevent unauthorized modification and access to data
by using proper set up or configuration of firewall and authorized access rights. To avoid
hijacking active session and access clients’ credential data, Pia’s service providers need to do
some tests and validate network security by using some prominence security tools such as: SSL,
session management and packet analysis. Some policies should be implemented in router and
layer three switch to secure data traffic. Additionally, an important thing needs to be control
which is interaction between mobile users and cloud services providers.

Data Confidentiality and Integrity: To protect illegal disclose and modification of data proper
authentication and authorization mechanism should implement. Service development and
deployment models (Private, Public and Hybrid) must be clear for a developer to protect and
restrict use of data.

Data and Service Availability: Internet speed (bandwidth) and connectivity should be available
during data and applications transmission over the network. Monitoring of network load or
traffic for proper load balancing and data distribution should be performed by Network service
providers. Data replication and backup policies are also need to be standard and provided
auditable proof for data restore procedures, which includes accuracy and completeness over time.

Access Control: Pia’s service providers should prove that they have proper and accurate security
mechanism to protect unauthorized access. All access or changes in cloud services (resources
and data) provide auditable report whether it is success or fail and it needs to be reviewed along
with monitoring to be performed in a daily basis.

Page 6 of 10
 Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
7
(Case Study)

On the other hand pia can also use the private cloud deployment model so that she can manage
and operate the infrastructure and business data. The primary goal of this deployment model is to
sustain consistent level of security and privacy. Or she can also use hybrid deployment model.

4. IS PRICE AN IMPORTANT FACTOR WHEN CHOOSING THE SYSTEM?

Answer: Yes, Price is an important factor while choosing the cloud system for pia’s pharmacy
business. According to pia’s business size it’s obvious that pia needs to think about the cost of
the cloud service. But if this cost can improve the efficiency and growth of her business she
needs to pay a good amount of price to the service provider. Pia has been facing lots of problems
on financial processes. She has been suffering from lack of time she could give to growth of her
business since she had to give more time on accounting processes. For example Payroll
processes since nine out of sixteen employees are working part time which may cause employee
turnover. Again she is not from business background which might lead to inefficient accounting
tasks. Since every calculation needs to be done carefully in order to deduce the right amount of
tax to be paid. Keeping these things in mind Pia needs to know that cloud based account
information system can be cost efficient. It will free up more time for Pia to concentrate on her
core of business rather than accounting processes. On her business she must be concern about
benefit and cost when choosing the system. In cloud based accounting information system she
found that there are fixed fees, software licenses and monthly service cost and some hidden
costs. Cloud computing is associated with lower costs since the whole service runs on the
computers of service provider. It works in software so there is no costly investment into the
software. Pia can also pay for everything on usage. But pia needs to think which service provider
would be better, beneficial for others according to cost and efficiency. The more pia will pay for
cloud based accounting in formation system service provider the more effective outcome and
accurate accounting tasks might take place. Since accounting is a complex and difficult to
maintain Pia should think about the efficiency of her business rather than cost. Eventually we can
say that price is a big and important factor on pia’s case since her business is small and the
workload is too much for her to handle by herself so it is better to pay for a reliable service
provider so she can give more time on the core of a business rather than accounting processes.

Page 7 of 10
 Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
8
(Case Study)

5. PREPARE AN APPROXIMATELY ONE-PAGE SUMMARY HIGHLIGHTING THE

KEY IDEAS/CONCEPTS/INFORMATION IN THIS CASE STUDY .
Answer: The idea of this case study is to provide the knowledge of importance, advantages and
downsides of cloud based accounting information systems. According to the case study Pia who
is sole owner of a small pharmacy business named Kluuvin Apteekki has been facing many
problems regarding accounting and financial problems. Even though Pia is not from business
background she has been managing all the accounting processes by herself that need to be
handled in any businesses, which consists of sales, purchases, payments, reporting and payroll.
But the pharmacy business in her place is very competitive. She realized that she should not only
be worried about the accounting processes of her pharmacy business. So she had to give more
time on thinking about the growth and core of the business but she also had to do all the
accounting processes by herself which caused lack of time for her to think about the growth of
the business, new ideas to make her business for efficient. After analyzing all the matters that
have been bothering her, she started thinking of cloud based accounting information systems. In
this case she evaluated all the advantages and disadvantage of the cloud computing system for
her business in order to have an efficient business. Cloud computing is the on-demand
availability of computer system resources, especially data storage and computing power, without
direct active management by the user. The term is generally used to describe data centers
available to many users over the Internet. It can save-up a lot of time for her to think about
business core rather than accounting management. Even though it can make her workload less,
cloud computing has its own downsides. Although cloud service providers implement the best
security standards and industry certifications, storing data and important files on external service
providers always opens up risks. Any discussion involving data must address security and
privacy, especially when it comes to managing sensitive data. Data can be hijacked if there are
no proper maintenance and regular monitoring. A good cloud service provider maintains the
security issues of the data in daily basis. Even though cloud computing has its downsides it helps
business to grow efficiently. Pia had a lot of insecurities about cloud based accounting systems
but she also realized that this initiative can make her business more efficient. She will not have to
worry much about accounting processes of her business and she can easily communicate with her
service provider and she can also check her business status in real time. More benefits of cloud

Page 8 of 10
 Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
9
(Case Study)

based system are that it is centered on scalability, flexibility and accessibility. It also integrates
all the company’s process in the same place and allows access 24/7. The main idea of this case
study is to developing skills and competencies to create a strong business and implementation of
IT –enabled business processes.

Page 9 of 10
Managing the move to the cloud-analyzing the risk and opportunities of cloud-based AIS
10
(Case Study)

REFERENCES
 RoyChowdhury, R. (2014, June). Security in Cloud Computing. In IJCA (Vol. 96, No.
15, pp. 24-30).
 Asatiani, A., & Penttinen, E. (2015). Managing the move to the cloud–analyzing the risks
and opportunities of cloud-based accounting information systems. Journal of Information
Technology Teaching Cases, 5(1), 27-34.

Page 10 of 10