The Lighter Side Of The Cloud – iPhone Anticipation
The Lighter Side Of The Cloud – The Knock-Off
The Lighter Side Of The Cloud – Music Collection

Cloud Computing Guidelines From The Information Systems Audit And Control Association

Cloud Computing Guidelines From The Information Systems Audit And Control Association

Among the slew of guidelines on cloud computing floating around, the recent one published by industry body Information Systems Audit and Control Association (ISACA) has a lot of credibility. Established in 1965, the association has a long history of delivering guidance to its huge membership (more than 95,000 across 190 chapters in 75 countries) of Information Systems professionals and is well positioned to offer advice on the dynamic paradigm of cloud computing.

The whitepaper “Guiding Principles for Cloud Computing Adoption and Use”, available for free download on the ISACA site, offers readers a definition of Cloud Computing (see: Coining the Cloud: An Assessment of Cloud Computing’s Shifty Definition) and broad directions for adoption. According to ISACA, it “describes the nature of cloud computing and areas of pressure that, when not addressed, can increase risk to the enterprise. It also presents six principles for cloud computing adoption and use that can guide management toward more effective cloud implementation and use, reduction of pressure points, and mitigation of potential risk.”

The “guiding principles for adopting and using the cloud,” as mentioned in the paper, are:

1. Enablement

ISACA asks companies to “plan for cloud computing as a strategic enabler rather than as an outsourcing arrangement or a technical platform.” They are warned that “viewing it as a replacement for internal technology solutions limits the ability of enterprises to think broadly about how it can support the strategic direction of the enterprise.”

2. Cost benefit

Companies are advised to “evaluate the benefits of cloud acquisition based on a full understanding of the cost of cloud compared with other technology platform business solutions.” Also, cloud adopters are reminded that “the full cost of acquiring and deploying cloud infrastructures, platforms or software services is more than what is represented within the cloud contract and SLA.” Thus, ISACA asks enterprises to conduct a thorough cost–benefit analysis that includes things beyond the obvious.

3. Enterprise risk

Companies are advised to take a “larger picture” view, an “enterprise risk management perspective” in the matter. Rather than treat different risks – issues related to compliance and, in particular, privacy regulations and the export of personal information; and legal issues involving SLAs – as independent, they should be considered in combination.

4. Capability

Companies are asked to “integrate the full extent of capabilities that cloud providers offer with internal resources to provide a comprehensive technical support and delivery solution.” Thus, companies are asked not to abandon in-house talent and assets altogether but to combine them with those provided by cloud vendors for optimum benefit.

5. Accountability

Companies should “manage accountabilities by clearly defining internal and provider responsibilities.” According to ISACA, “adopting cloud solutions may break connections among people, technology, the processes that enable technology use, and the enforcement of individual and group accountabilities and responsibilities.” Hence, proper mechanisms should be put in place to address this.

6. Trust

The paper advises that cloud users should “make trust an essential element of cloud solutions, building trust into all business processes that depend on cloud computing.” It says that “Trust is an essential requirement for business applications of technology for internal and external users” and “results from the combined effect of organizational structure, culture, technical architectures, processes and the human factors that facilitate the deployment and use of technology in support of business functions.” 

Through this paper, ISACA has provided useful, big-picture suggestions that can help cloud adopters and users nip potential problems in the bud, while maximizing the benefits of going on the cloud. With the strength of peer review backing these assertions, it is great advice to be had for free.

By Sourya Biswas

sourya

Sourya Biswas is a former risk analyst who has worked with several financial organizations of international repute, besides being a freelance journalist with several articles published online. After 6 years of work, he has decided to pursue further studies at the University of Notre Dame, where he has completed his MBA. He holds a Bachelors in Engineering from the Indian Institute of Information Technology. He is also a member of high-IQ organizations Mensa and Triple Nine Society and has been a prolific writer to CloudTweaks over the years... http://www.cloudtweaks.com/author/sourya/

Sorry, comments are closed for this post.

Recent

Improving Safety On The Digital Highway

Improving Safety On The Digital Highway

Digital Highway Safety When it comes to transportation, safety is highly consequential. From educational programs to legal penalties, safety is principle to the way that travel is spoken about and acted upon. But what about digital travel? Although user files are hardly as important as users themselves, they often contain sensitive information. As cloud computing’s momentum…

From AOL To Twitch: A Decade Of Big Data Hacks

From AOL To Twitch: A Decade Of Big Data Hacks

A Decade Of Big Data Hacks The idea of hacking has been around forever. Popular in science-fiction films for decades, hacks have now become a reality for many people who engage in basic activities online. Here is a look at a list ten years in the making, a decade of hacks year-to-year. Included is an…

Popular

Forrester Releases Its “15 Emerging Technologies To Watch Before 2020” Report

Forrester Releases Its “15 Emerging Technologies To Watch Before 2020” Report

15 Emerging Technologies To Watch Before 2020 The cloud, big data, the internet of things, and wearable technology have all featured heavily in Forrester’s latest list of fifteen technologies to watch before 2020. It is becoming a reality for businesses that they need to adapt and change to an increasingly technologically-minded customer base. Traditional marketing…

Cloud Infographic – What Is The Internet of Things?

Cloud Infographic – What Is The Internet of Things?

What Is The Internet of Things? “We’re still in the first minutes of the first day of the Internet revolution.”  – Scott Cook The Internet of Things (IOT) and Smart Systems are based on the notions of Sensors, Connectivity, People and Processes. We are creating a new world to view and measure anything around us through…

Cloud Computing Services Perfect For Your Startup

Cloud Computing Services Perfect For Your Startup

Cloud Computing Services Perfect For Your Startup Chances are if you’re working for a startup or smaller company, you don’t have a robust IT department. You’d be lucky to even have a couple IT specialists. It’s not that smaller companies are ignoring the value and importance of IT, but with limited resources, they can’t afford…

2014 Future Of Cloud Computing Survey Results

2014 Future Of Cloud Computing Survey Results

Engine Yard Joins North Bridge Venture Partners, Gigaom Research and Industry Collaborators to Unveil 2014 Future of Cloud Computing Survey Results SAN FRANCISCO, CA–(Marketwired – Jun 25, 2014) – Engine Yard, the leading cloud application management platform, today announced its role as a collaborator in releasing the results of the fourth annual Future of Cloud Computing Survey,…

PaaS vs Docker – why is it such a heated debate?

PaaS vs Docker – why is it such a heated debate?

PaaS vs Docker Docker started as just a software container on top of a Linux operating system which seemed like a simple optimization for a fat hypervisor. Its disruptive force however comes from the fact that it does force us to rethink many of the layers of the cloud stack. Starting from the way we…

Sponsored Posts

Skin Based Technology – The Intelligent Tattoo

Skin Based Technology – The Intelligent Tattoo

The Intelligent Tattoo I’ve got you under my skin: the rise of the intelligent tattoo As the Internet of Everything expands its reach to embrace many new areas of life, the race continues to develop more robust and accessible tools. Wearables are being whittled down from clunky watches to smart clothes and wrist bands, but…

Cloud Logo Sponsors

hp Logo CityCloud-PoweredByOpenstack-Bluesquare_logo_100x100-01
cisco_logo_100x100 vmware citrix100
Site 24x7


Contributor Spotlight

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Branded Content Programs

Advertising