Cloud Computing Guidelines From The Information Systems Audit And Control Association

Cloud Computing Guidelines From The Information Systems Audit And Control Association

Among the slew of guidelines on cloud computing floating around, the recent one published by industry body Information Systems Audit and Control Association (ISACA) has a lot of credibility. Established in 1965, the association has a long history of delivering guidance to its huge membership (more than 95,000 across 190 chapters in 75 countries) of Information Systems professionals and is well positioned to offer advice on the dynamic paradigm of cloud computing.

The whitepaper “Guiding Principles for Cloud Computing Adoption and Use”, available for free download on the ISACA site, offers readers a definition of Cloud Computing (see: Coining the Cloud: An Assessment of Cloud Computing’s Shifty Definition) and broad directions for adoption. According to ISACA, it “describes the nature of cloud computing and areas of pressure that, when not addressed, can increase risk to the enterprise. It also presents six principles for cloud computing adoption and use that can guide management toward more effective cloud implementation and use, reduction of pressure points, and mitigation of potential risk.”

The “guiding principles for adopting and using the cloud,” as mentioned in the paper, are:

1. Enablement

ISACA asks companies to “plan for cloud computing as a strategic enabler rather than as an outsourcing arrangement or a technical platform.” They are warned that “viewing it as a replacement for internal technology solutions limits the ability of enterprises to think broadly about how it can support the strategic direction of the enterprise.”

2. Cost benefit

Companies are advised to “evaluate the benefits of cloud acquisition based on a full understanding of the cost of cloud compared with other technology platform business solutions.” Also, cloud adopters are reminded that “the full cost of acquiring and deploying cloud infrastructures, platforms or software services is more than what is represented within the cloud contract and SLA.” Thus, ISACA asks enterprises to conduct a thorough cost–benefit analysis that includes things beyond the obvious.

3. Enterprise risk

Companies are advised to take a “larger picture” view, an “enterprise risk management perspective” in the matter. Rather than treat different risks – issues related to compliance and, in particular, privacy regulations and the export of personal information; and legal issues involving SLAs – as independent, they should be considered in combination.

4. Capability

Companies are asked to “integrate the full extent of capabilities that cloud providers offer with internal resources to provide a comprehensive technical support and delivery solution.” Thus, companies are asked not to abandon in-house talent and assets altogether but to combine them with those provided by cloud vendors for optimum benefit.

5. Accountability

Companies should “manage accountabilities by clearly defining internal and provider responsibilities.” According to ISACA, “adopting cloud solutions may break connections among people, technology, the processes that enable technology use, and the enforcement of individual and group accountabilities and responsibilities.” Hence, proper mechanisms should be put in place to address this.

6. Trust

The paper advises that cloud users should “make trust an essential element of cloud solutions, building trust into all business processes that depend on cloud computing.” It says that “Trust is an essential requirement for business applications of technology for internal and external users” and “results from the combined effect of organizational structure, culture, technical architectures, processes and the human factors that facilitate the deployment and use of technology in support of business functions.” 

Through this paper, ISACA has provided useful, big-picture suggestions that can help cloud adopters and users nip potential problems in the bud, while maximizing the benefits of going on the cloud. With the strength of peer review backing these assertions, it is great advice to be had for free.

By Sourya Biswas

sourya

Sourya Biswas is a former risk analyst who has worked with several financial organizations of international repute, besides being a freelance journalist with several articles published online. After 6 years of work, he has decided to pursue further studies at the University of Notre Dame, where he has completed his MBA. He holds a Bachelors in Engineering from the Indian Institute of Information Technology. He is also a member of high-IQ organizations Mensa and Triple Nine Society and has been a prolific writer to CloudTweaks over the years... http://www.cloudtweaks.com/author/sourya/

Sorry, comments are closed for this post.

Comics

At CloudTweaks, we're plugged into the cloud, the internet of things and all that the web has to offer. From wearable technology, to mobile computing, cloud computing and big data, CloudTweaks is your source for updates and news on the most innovative technology.

Popular

Top Viral Impact

Are Cloud Servers The Right Choice For Your Business?

Are Cloud Servers The Right Choice For Your Business?

Cloud servers offer power, flexibility, reliability, and client friendly hosting for small and medium businesses that have outgrown shared hosting. New business hosting clients are bombarded with an incredible diversity of different choices for their site’s hosting. It can be a challenge to negotiate the range of platforms and the marketing hype that many hosting…

Cloud Infographic – The Future Of Big Data

Cloud Infographic – The Future Of Big Data

Cloud Infographic – The Future Of Big Data Big Data is BIG business and will continue to be one of the more predominant areas of focus in the coming years from small startups to large scale corporations. We’ve already covered on CloudTweaks how Big Data can be utilized in a number of interesting ways from preventing world hunger to…

Cloud Infographic – Cloud Computing And SMEs

Cloud Infographic – Cloud Computing And SMEs

Cloud Infographic – Cloud Computing And SMEs SMEs (Small/Medium Sized Enterprises) make up the bulk of businesses today. Most cloud based applications created today are geared toward the SME market. Accounting, Storage, Backup services are just a few of them. According to the European Commission, cloud based technology could help 80% of organisations reduce costs by…

The Education Revolution: Cloud In The Classroom

The Education Revolution: Cloud In The Classroom

The Education Revolution: Cloud In The Classroom With the back-to-school season now upon us, parents, students and teachers everywhere are once again struggling with the perpetual challenge of making kids job-ready in a high-speed and fast-changing environment. There is little doubt in anyone’s mind that information technology plays a central role in all areas of life…

Featured Sponsors

Watching You Shop: Stores And Mannequins “Read” Their Customers And Respond

Watching You Shop: Stores And Mannequins “Read” Their Customers And Respond

Watching You Shop The mannequin in the store window stares blankly ahead as shoppers look at the clothes it is dressed in and contemplate a purchase. One shopper makes some comments. “It’s nice. I wonder if they have my size.” Another takes a few steps inside the store to see where these particular clothes might…

Sponsors

What Is A Hybrid Cloud?

What Is A Hybrid Cloud?

What Is A Hybrid Cloud? With the emergence of cloud-computing technology comes the addition of new terminology. The terms public cloud and private cloud are reasonably well understood. However, a hybrid cloud can mean different things to different people. Under The Engine Perhaps the best way to define or explain a hybrid cloud is to…

Placement Opportunities - Find Out!

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

You can help continue to support our community by social sharing, sponsoring, partnering or contributing to this great educational resource.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021

Join Our Newsletter