by Angela Guess
Puneet Kukreja of CSO.com recently discussed the importance of effective governance when adopting cloud services. He writes, “Governance is about consistent management, cohesive policies, guidance, processes and decision-rights for a given area of responsibility. For the purpose of this discussion we will use it for the management, use and adoption of Cloud Services. The adoption of Cloud Services is challenging, those involved often concentrate on the security of data assets and any legislative implications that an organisation might be subjected to in the event of data assets being compromised.”
He continues, “Speaking with a number of industry people about peoples’ appetite for cloud adoption made me wonder if cloud is no different to outsourcing or offshoring… This is really no different to the activities involved in procurement of business and IT services, and facilitating a quick turn-around time. In the end, it’s all about mitigating the risk associated with suppliers—onsite, offsite, outsourced, offshored or in the new lingo, Infrastructure-As-A-Service (IAAS), Platform-As-A-Service (PAAS), Software-As-A-Service (SAAS). Add an ‘AAS’ after any capability, and it’s a cloud service. Obviously, as the take up of this new model increases, the challenge for executives is to ensure that controls are in place around the availability and viability of the cloud service offering—ensuring a service is fit for purpose and use, without neglecting data security and integrity.”
