The Lighter Side Of The Cloud – Cloud Training
The Lighter Side Of The Cloud – Piggybacking
The Lighter Side Of The Cloud – Music To The Ears

Cloud Computing Guidelines From The Information Systems Audit And Control Association

Cloud Computing Guidelines From The Information Systems Audit And Control Association

Among the slew of guidelines on cloud computing floating around, the recent one published by industry body Information Systems Audit and Control Association (ISACA) has a lot of credibility. Established in 1965, the association has a long history of delivering guidance to its huge membership (more than 95,000 across 190 chapters in 75 countries) of Information Systems professionals and is well positioned to offer advice on the dynamic paradigm of cloud computing.

The whitepaper “Guiding Principles for Cloud Computing Adoption and Use”, available for free download on the ISACA site, offers readers a definition of Cloud Computing (see: Coining the Cloud: An Assessment of Cloud Computing’s Shifty Definition) and broad directions for adoption. According to ISACA, it “describes the nature of cloud computing and areas of pressure that, when not addressed, can increase risk to the enterprise. It also presents six principles for cloud computing adoption and use that can guide management toward more effective cloud implementation and use, reduction of pressure points, and mitigation of potential risk.”

The “guiding principles for adopting and using the cloud,” as mentioned in the paper, are:

1. Enablement

ISACA asks companies to “plan for cloud computing as a strategic enabler rather than as an outsourcing arrangement or a technical platform.” They are warned that “viewing it as a replacement for internal technology solutions limits the ability of enterprises to think broadly about how it can support the strategic direction of the enterprise.”

2. Cost benefit

Companies are advised to “evaluate the benefits of cloud acquisition based on a full understanding of the cost of cloud compared with other technology platform business solutions.” Also, cloud adopters are reminded that “the full cost of acquiring and deploying cloud infrastructures, platforms or software services is more than what is represented within the cloud contract and SLA.” Thus, ISACA asks enterprises to conduct a thorough cost–benefit analysis that includes things beyond the obvious.

3. Enterprise risk

Companies are advised to take a “larger picture” view, an “enterprise risk management perspective” in the matter. Rather than treat different risks – issues related to compliance and, in particular, privacy regulations and the export of personal information; and legal issues involving SLAs – as independent, they should be considered in combination.

4. Capability

Companies are asked to “integrate the full extent of capabilities that cloud providers offer with internal resources to provide a comprehensive technical support and delivery solution.” Thus, companies are asked not to abandon in-house talent and assets altogether but to combine them with those provided by cloud vendors for optimum benefit.

5. Accountability

Companies should “manage accountabilities by clearly defining internal and provider responsibilities.” According to ISACA, “adopting cloud solutions may break connections among people, technology, the processes that enable technology use, and the enforcement of individual and group accountabilities and responsibilities.” Hence, proper mechanisms should be put in place to address this.

6. Trust

The paper advises that cloud users should “make trust an essential element of cloud solutions, building trust into all business processes that depend on cloud computing.” It says that “Trust is an essential requirement for business applications of technology for internal and external users” and “results from the combined effect of organizational structure, culture, technical architectures, processes and the human factors that facilitate the deployment and use of technology in support of business functions.” 

Through this paper, ISACA has provided useful, big-picture suggestions that can help cloud adopters and users nip potential problems in the bud, while maximizing the benefits of going on the cloud. With the strength of peer review backing these assertions, it is great advice to be had for free.

By Sourya Biswas

sourya

Sourya Biswas is a former risk analyst who has worked with several financial organizations of international repute, besides being a freelance journalist with several articles published online. After 6 years of work, he has decided to pursue further studies at the University of Notre Dame, where he has completed his MBA. He holds a Bachelors in Engineering from the Indian Institute of Information Technology. He is also a member of high-IQ organizations Mensa and Triple Nine Society and has been a prolific writer to CloudTweaks over the years... http://www.cloudtweaks.com/author/sourya/

Sorry, comments are closed for this post.

Popular Archives

Cloud Infographic: Corporate IT Security Stats

Cloud Infographic: Corporate IT Security Stats

Cloud Infographic: Corporate IT Security Stats Each week on CloudTweaks we provide a few shoutouts to companies who provide engaging and interesting infographics that reflect our readers interests.  In this case, we have an excellent infographic provided by the team at arellia.com which takes a closer look at cyber-security and some of the biggest malware threats…

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

What Cloud Technology Has Allowed Us to Do Better The cloud has made our working lives easier, with everything from virtually unlimited email storage to access-from-anywhere enterprise resource planning (ERP) systems. It’s no wonder the 2013 cloud computing research IDG survey revealed at least 84 percent of the companies surveyed run at least one cloud-based application.…

Unusual Clandestine Cloud Data Centre Service Locations

Unusual Clandestine Cloud Data Centre Service Locations

Unusual Clandestine Cloud Data Centre Service Locations Everyone knows what the cloud is, but does everybody know where the cloud is? We try to answer that as we look at some of the most unusual data centre locations in the world. Under the Eyes of a Deity Deep beneath the famous Uspenski Cathedral in the…

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing Despite the rapid growth of cloud computing, the cloud still commands a small portion of overall enterprise IT spending. Estimates I’ve seen put the percentage between 5% and 10% of the slightly more than $2 trillion (not including telco) spent worldwide in 2014 on enterprise IT. Yet growth projections…

Five Reasons SMBs Fear The Cloud

Five Reasons SMBs Fear The Cloud

Five Reasons SMBs Fear the Cloud Fear of the cloud has been around since the Cloud began. SMBs were traditionally afraid of security issues, while large companies fretted about increasing the complexity of their IT infrastructure. What many budding start-up companies don’t realise is Cloud Computing helps place them on a level playing field with…

Recent

Digital Transformation: Miracle and Wonder

Digital Transformation: Miracle and Wonder

Digital Transformation These are the days of miracle and wonder. I’ve been leading a small, global research team at the Tau Institute for the past few years to examine the dynamics of IT adoption in more than 100 countries throughout the world. We’ve developed several indices that show how well these nations are doing on a relative basis. We ranked the nations…

Cloud Security Hottest Issue At RSA

Cloud Security Hottest Issue At RSA

Cloud Security Hottest Issue The integral integration of cyber security and cloud technology seemed to be the hottest issue at the busy RSA 2015 Conference in San Francisco. Interested parties packed security and cloud service booths for the duration of the conference. Several prominent publications covered the increased importance of securing their private information that’s…

Imperfect Security: The RSA Conference And The Illusion Of Safety

Imperfect Security: The RSA Conference And The Illusion Of Safety

The RSA Conference And The Illusion Of Safety This year’s 2015 RSA Conference is taking place from April 20th to 24th, in San Francisco, California. Here, security leaders from across the vast expanse of tech, politics, and more will gather to discuss the past, present, and future of security. From application security to technology infrastructure,…

Contact Us

Sending

Technology Sponsors

hp Logo CityCloud-PoweredByOpenstack-Bluesquare_logo_100x100-01
cisco_logo_100x100 vmware citrix100
Site 24x7 200px-KPMG

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

CloudTweaks Comic Library

Advertising