While cloud computing is certainly poised to deliver many benefits, information security and assurance professionals should conduct business impact analyses and risk assessments to inform business leaders of potential risks to their enterprise. Risk management activities must be managed throughout the information life cycle and risks should be reassessed regularly or in the event of a change.
Enterprises that have been considering the use of the cloud in their environment should calculate what cost savings the cloud can offer them and what additional risks are incurred. Once potential cost savings and risks are identified, enterprises will have a better understanding of how they can leverage cloud services. Business must work with legal, security, and assurance professionals to ensure that the appropriate levels of security and privacy are achieved. The cloud is a major change in how computing resources will be utilized, and as such will be a major governance initiative within adopting organizations, requiring involvement of a broad set of stakeholders.
This paper clarifies what cloud computing is, identifies the services offered in the cloud, and also examines potential business benefits, risks, and assurance considerations. Read on to learn more about cloud computing from security, governance, and assuarance perspectives.