Discovering Risk and Maintaining Your Cloud Governance Strategy

An effective cloud security strategy requires enforcement and accountability. This is where governance comes in. Basically, governance is about applying policies — the organizing principles and rules that determine how an organization should behave — relating to using services. In the cloud world, governance helps to define how multiple organizations behave, because multiple parties across different companies will be part of the governance plan.

IT governance is really a combination of policy, process, and controls. The role of IT governance is to implement, maintain, and continuously improve these controls. IT governance does the following:

check.png Ensures that IT assets (systems, processes, and so on) are implemented and used according to agreed upon policies and procedures

check.png Ensures that these assets are properly controlled and maintained

check.png Ensures that these assets are providing value to the organization

IT governance, therefore, has to include the techniques and policies that measure and control how systems are managed. However, IT doesn’t stand alone in the governance process. In order for governance to be effective, it must ...

Get Hybrid Cloud For Dummies now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.