Only through proper governance and management can cloud computing achieve its potential for organizations, according to representatives of ISACA--the global provider of advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance--in a statement to the press issued Tuesday (February 28, 2012).
“To help enterprises manage the potential pressure points that begin to surface when cloud computing strategies diverge from internally provided IT services or traditional outsourced arrangements, global nonprofit IT association ISACA has issued Guiding Principles for Cloud Computing Adoption and Use, a complimentary guide featuring six key cloud computing principles”. They include:
1. The Enablement Principle: Plan for cloud computing as a strategic enabler, rather than as an outsourcing arrangement or technical platform.
2. The Cost/Benefit Principle: Evaluate the benefits of cloud acquisition based on a full understanding of the costs of cloud compared with the costs of other technology platform business solutions.
3. The Enterprise Risk Principle: Take an enterprise risk management (ERM) perspective to manage the adoption and use of cloud.
4. The Capability Principle: Integrate the full extent of capabilities that cloud providers offer with internal resources to provide a comprehensive technical support and delivery solution.
5. The Accountability Principle: Manage accountabilities by clearly defining internal and provider responsibilities.
6. The Trust Principle: Make trust an essential part of cloud solutions, building trust into all business processes that depend on cloud computing.
“Cloud computing presents a unique opportunity for enterprises - and is particularly a game-changer for small and medium enterprises because its availability means that technology infrastructure is not the market differentiator it has been in the past,” said Ramsés Gallego, CISM, CGEIT, member of ISACA’s Guidance and Practices Committee and security strategist and evangelist for Quest Software.
Source:http://www.isaca.org/Knowledge-Center/Research/Documents/VS-Guiding-Principles-Cloud-WP-10Feb2012.pdf?id=14cea1f6-1354-4c9f-b86b-94c74039022f, http://www.businesscloudnews.com/security/739-isaca-issues-six-principles-for-effective-cloud-computing.html, http://www.cio.in/news/isacas-6-principles-effective-cloud-computing-232662012
One of the objectives of an auditor's requirement is not only sustain the sleek performing of the company, but to create sure it pulls through, to basically increase it's life.
ReplyDeleteAssociation Management