Choose an area of interest:

Choose an area of interest:
Accounting | A & A | Corporate Finance | Ethics & Compliance | Financial Planning | HR & Training | International | Legal | Students | Tax | Tech

Issues and Trends: Assessing and Managing SaaS Risk

July 1 2011 (SmartPros) Grant Thornton LLP's Software practice released Issues and trends: Assessing and managing SaaS risk. The paper provides an in-depth look at and analysis of issues within the growing software as a service (SaaS) technology industry segment, including the primary risk factors confronting companies that operate in the sector, and steps that CEOs, board directors and other C-suite executives can take to diminish risks.

A nascent but fast-growing technology sector, SaaS is populated by a large number of businesses offering a wide range of hosted software services. THINKstrategies’ Cloud Computing Showplace, for instance, counts more than 1,300 cloud computing vendors, including SaaS providers, operating in more than 80 application and industry segments (the lack of a clear set of criteria to define SaaS has contributed to increased competition). The number of pure-play companies in the space, meanwhile, is only increasing while major technology businesses such as Microsoft, Oracle and SAP are building out their SaaS offerings.
“SaaS providers have strong growth possibilities in front of them but CEOs, board members and other C-suite executives must keep their eye on the ball when it comes to managing risk if they want to grow and achieve consistent profitability in today’s rapidly evolving technological landscape,” said Ralph Nefdt, national software sector leader of Grant Thornton’s Software practice. “New challenges, such as high-speed change and the need for continuous innovation, among other factors, pose significant threats to SaaS companies.”
The Software group published its white paper as a result of data derived from a survey of 121 technology professionals at U.S.-based and global businesses, spread between traditional software vendors, pure play SaaS, sub-$50 million revenue businesses, and pre-revenue or those with less than $1 million in annual sales. Fifty-five percent of respondents were comprised of corporate executives such as CEOs, CFOs and CIOs.
Grant Thornton’s Software group conducted the survey to collect quantifiable data that would illustrate the extent of risk in the SaaS sector and provide a thorough analysis of the research findings based on the deep technology and risk management experience of its professionals.
The survey found that 63 percent of respondents thought that the SaaS sector needed to improve its credibility, 34 percent indicated that SaaS compliance management systems are no better or worse than compliance systems associated with in-house applications. Likewise, 38 percent thought that SaaS risk management practices are no better or are worse than those associated with in-house systems.
The risks facing the rapidly growing industry shouldn’t be underestimated. Even young companies that have established success early on should not consider that to be a barometer for long-term profitability. As businesses mature, diversify product offerings, add customers and staff, and become more financially complex, they also typically require greater standardization and more robust control systems. At the same time, newer players with little industry experience are often hobbled by poor visibility and limited financial support, while the revenue recognition business model commonly used in the industry and the manner in which many customers procure software services stand to constrain the growth of SaaS providers.
SaaS companies, though, face risks in three primary areas:
  1. Financial risk — Intense competition and maintaining adequate capital for growth and development threaten to sap capital. SaaS companies face unique financial risks — most notably how to develop sustainable revenue- and sales-generation business models.
  2. Operational risk — SaaS services require 24/7 operability backed by vigilant observation and the execution of highly effective business continuity plans. Data management, scalability and security protocols are critical for future success.
  3. Compliance risk — Complex domestic and global compliance requirements, often too complex for most organizations to understand or manage on their own, are a formidable challenge. The importance of using critical control and efficiency practices, such as SSAE 16 audits (formerly known as SAS 70 audits), ISO certifications, SysTrust audits and other standard compliance tools cannot be overlooked. Implementing the right set of compliance controls can not only help providers meet regulatory standards, but also improve organizational efficiency, internal controls and enhance market credibility.
“As the SaaS segment has evolved, so too have the challenges, opportunities and risks. It is imperative that SaaS providers address internal risk management practices and standardize compliance processes if they want to continue innovating, succeed, build credibility and capitalize on the demand for ground-breaking enterprise and cloud computing applications,” said Cal Hackeman, national managing partner of Grant Thornton's Technology Industry Practice.
To learn more about the risks facing SaaS providers and the steps that can be taken to mitigate risk, please visit:

2011 SmartPros Ltd. All rights reserved.

Source: Grant Thornton LLP

Related Stories
This Week in the SmartPros News & Insights Newsletter

There's an App for That

New Report Reveals History and Future of Mobile Malware

 Related Courses

Would you recommend this article?
5 (yes, highly)
1 (no, not at all)

About SmartPros | Accounting Products | Professional Education | Marketing Services | Consulting | Engineering Products | PE Review Course | Contact Us
Copyright 2015 Kaplan, Inc. | All rights reserved.