Cloud computing has become a major growth area in ICT spending and enterprises must adapt to the changes it brings to maximise the return on investment. To help organisations worldwide get the most value from the cloud, global IT association ISACA has issued a new guide outlining how to implement effective controls and governance for cloud computing.

Entitjled ‘IT Control Objectives for Cloud Computing: Controls and Assurance in the Cloud’, it is now available for download. ISACA members can download the e-book free of charge. ISACA is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT and IT-related risk and compliance.

According to the ISACA guide when enterprises decide to use cloud computing for IT services business processes are impacted and governance becomes critical to effectively manage increasing risk, ensure continuity of critical business processes that now extend beyond the data centre and sustain the growth of the business through adaptation and continuity of ICT knowledge. To get the most benefit from their cloud initiatives, enterprises must develop a clear governance strategy and management plan that sets the direction and objectives for cloud computing and executes on the plan. ICT has historically been viewed as a cost centre, but the cloud presents the opportunity to fully align it with the goals of the enterprise as a whole and add value to the organisation.

The new guide notes that enterprises must ask some key questions for proper governance of cloud computing which include: How are identity and access managed in the cloud? Where will the enterprise’s data be located? How is the security of the enterprise’s data managed? How is the whole system protected from internet threats? What type of certification or assurances can the enterprise expect from the provider?

The book also outlines business case development, how standards and good practices assist with cloud governance, how to establish business goals for the cloud, risk considerations and responsibilities, and a cloud computing management audit/assurance programme.

www.isaca.org/ITCOcloud

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.