Cloud Computing

Only available on StudyMode
  • Topic: Cloud computing, Utility computing, Grid computing
  • Pages : 64 (17928 words )
  • Download(s) : 64
  • Published : January 7, 2013
Open Document
Text Preview
Evaluating Cloud Risk for the Enterprise: A Shared Assessments Guide

October 2010
Published By

©2010 The Shared Assessments Program. All Rights Reserved.

Table of Contents
About the Shared Assessments Program ............................................................................................4 Acknowledgments ..............................................................................................................................6 Foreword .............................................................................................................................................7 Introduction.........................................................................................................................................8 Cloud Computing: An Overview ......................................................................................................11 A Risk Management Approach: Common and Delta Controls ........................................................15 Cloud Computing Case Study...........................................................................................................40 Glossary ............................................................................................................................................43 Appendix: Additional Cloud Computing Initiatives.........................................................................48

Evaluating Cloud Risk for the Enterprise: A Shared Assessments Guide ©2010 The Shared Assessments Program. All Rights Reserved.

2

©Shared Assessments 2010 Complete and accurate documents created under the Shared Assessments Program may be downloaded from the official Shared Assessments Program website at www.sharedassessments.org. While retaining copyrights, the Shared Assessments Program makes specific documents available to the public for the purpose of conducting self-assessments and third-party security assessments. Licenses for other uses are available from the Shared Assessments Program. Individuals and organizations should review the terms of use prior to downloading, copying, using or modifying Shared Assessment Program documents. This notice must be included on any copy of the Shared Assessments Program documents, excluding assessors’ AUP reports. The Shared Assessments Program is administered by The Santa Fe Group (www.santa-fegroup.com). Questions about this document and the Program should be directed to: Michele Edson Senior Vice President The Santa Fe Group 505-466-6434 sharedassessments@santa-fe-group.com

Evaluating Cloud Risk for the Enterprise: A Shared Assessments Guide ©2010 The Shared Assessments Program. All Rights Reserved.

3

About the Shared Assessments Program
The vendor assessment control evaluation process has long been inefficient and costly. Many organizations that assess their technology service providers produce and distribute their own proprietary questionnaire to each of their service providers. The volume of diverse client questionnaires to which service providers must respond puts a significant strain on their resources. The disparity of information requested from questionnaire to questionnaire can cause delays for all parties. Shared Assessments was created by leading financial institutions, the Big Four accounting firms and leading service providers to inject standardization, consistency, speed, efficiency and cost savings into the service provider vendor assessment process. Through membership in the Shared Assessments Program and use of the Shared Assessments tools (the Standardized Information Gathering Questionnaire, or “SIG” and Agreed Upon Procedures or “AUP”), Shared Assessments strives to eliminate redundancies and create efficiencies, giving all parties a faster, more efficient and less costly means of conducting rigorous and comprehensive security, privacy and business continuity assessments. To promote adoption, the Shared Assessments Program makes its standards...
tracking img