Cloud computing has changed the world dramatically. The objective of this research is to evaluate the technological changes introduced by cloud computing, followed by a review of the regulatory environment of cloud computing from the point of view of protecting all parties involved in using it. The regulatory environment means, for the purposes of this thesis, the existing New Zealand laws and standards, along with some laws and standards from other countries that are effective with respect to New Zealand organisations. A conceptual model is developed, validated, and refined via findings from the collected data, and changes to the current regulatory environment suggested by New Zealand security experts in the industry are presented and discussed.