Report Offers Key Principles for Shifting to the Cloud

Shifting to cloud computing can deliver significant value and benefits to organizations, but it also poses significant organizational management challenges that many enterprises have little knowledge, among them shifting oversight and governance by technology specialists to business unit leaders. That's prompted ISACA, an association for computer systems auditing control professionals, to publish "Guiding Principles for Cloud Computing Adoption and Use," a complimentary e-book available for download on the ISACA website.

"Cloud computing presents a unique opportunity for enterprises-and is particularly a game-changer for small and medium enterprises because its availability means that technology infrastructure is not the market differentiator it has been in the past," elaborated Ramsés Gallego, CISM, CGEIT, member of ISACA's Guidance and Practices Committee and security strategist and evangelist for Quest Software. "These principles will enable enterprises to experience the value that cloud can provide and help ensure that internal and external users can trust cloud solutions."

ISACA's guide lays out six key principles for implementing cloud computing:

  • The Enablement Principle: Plan for cloud computing as a strategic enabler, rather than as an outsourcing arrangement or technical platform.
  • The Cost/Benefit Principle: Evaluate the benefits of cloud acquisition based on a full understanding of the costs of cloud compared with the costs of other technology platform business solutions.
  • The Enterprise Risk Principle: Take an enterprise risk management (ERM) perspective to manage the adoption and use of cloud.
  • The Capability Principle: Integrate the full extent of capabilities that cloud providers offer with internal resources to provide a comprehensive technical support and delivery solution.
  • The Accountability Principle: Manage accountabilities by clearly defining internal and provider responsibilities.
  • The Trust Principle: Make trust an essential part of cloud solutions, building trust into all business processes that depend on cloud computing.

Founded in 1969, ISACA counts some 95,0000 "constituents" in 160 countries as members, providing them knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and IT management, as well as IT-related risk and compliance.

Written by David Raucher at 11:00
Tags :

Categories :