Cloud adoption brings unexpected costs, KPMG survey says

Companies moving IT systems to the cloud are encountering higher costs and more implementation problems than they expected, KPMG International reports in a survey scheduled to be released on Tuesday.

About one-third of the more than 650 business and IT leaders in the global survey experienced higher-than-anticipated expenses adopting cloud-computing services, while a similar number reported significant implementation challenges.

Rick Wright, leader of KPMG’s Global Cloud Enablement Program, said companies need to focus on more than just technology issues when developing their cloud adoption strategies. Companies should examine their business processes and redesign them as needed to secure a smoother transition to the cloud.
“Simply put, executives have found that simultaneous process redesign is central to addressing the complexities that often arise in the implementation and operational phases of cloud adoption,” Wright, a partner with KPMG LLP, said in a news release.

Moving to the cloud is not about short-term cost savings, said Erik Asgeirsson, president and chief executive of CPA2Biz, the technology subsidiary of the American Institute of CPAs. “It’s about positioning your business for new fields of growth,” he said. “Down the line, there certainly are cost advantages, but some investment is required upfront, particularly to work through change management issues.”

Executives in the KPMG survey cited lower, long-term IT costs as their top reason for moving to the cloud. Among the other benefits sought were more efficient operations, more flexible operating models and faster speed to market, Wright said.

To maximise the long-term benefits of cloud computing, companies should develop a cloud strategy that ensures alignment with core business objectives and minimises the risk of implementation problems, KPMG said. The firm pointed to security issues as an area where a more strategic approach is needed. More than one-quarter of the companies in the survey reported extensive security-related challenges.

To lower the risk of such problems, company executives and IT leaders should work together to craft a plan that anticipates potential security concerns and implements corrective action to close security holes, KPMG says. Because many cloud providers have strong and sophisticated security measures in place, companies moving to the cloud should be able to enjoy enhanced protection in a cloud environment.

“When thoughtfully implemented, many providers could actually offer robust and resilient security measures and controls that could enhance overall security in the cloud,” said Greg Bell, a US principal and services leader at KPMG LLP.

To find cloud service providers with thoroughly vetted technology and processes, organisations should see if the provider has undergone a Service Organization Control (SOC) audit, especially a SOC 2, type 2 audit, which measures the performance and controls of a vendor’s cloud systems over an extended period of time.

“Due diligence of cloud vendors is a key part of the adoption process, and you want to be sure the cloud providers you rely on have gone through a comprehensive IT audit such as a SOC 2 engagement,” Asgeirsson said.

The survey participants represented organisations in 16 major global markets. More than half of the organisations are operating in the cloud, KPMG said.

Jeff Drew ( is a CGMA Magazine senior editor.