• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
IT Controls Cloud Webinar - ISACA
 

IT Controls Cloud Webinar - ISACA

on

  • 1,182 views

 

Statistics

Views

Total Views
1,182
Views on SlideShare
1,178
Embed Views
4

Actions

Likes
4
Downloads
0
Comments
0

2 Embeds 4

http://www.linkedin.com 3
https://www.linkedin.com 1

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    IT Controls Cloud Webinar - ISACA IT Controls Cloud Webinar - ISACA Presentation Transcript

    • Urs Fischer CISA, CRISC, CIA, CPA (Swiss) Switzerland Ramsés Gallego CISM, CGEIT, CISSP, SCPM, CCSK, ITIL, Six Sigma Black Belt Chief Strategy Officer Entelgy Security practice2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved.
    • ComplianceResilience Evidence gathering Forensics Confidence User Access Data Segregation VirtualizationArchitectures Identity Emerging Recovery Surety Isolation Right to AuditTrust Privacy Web 2.0 Workflow Dispute resolution Traceability Competitive Advantage Data Location Metrics Maturity Models Web Services Incident handling 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 2
    • What is Cloud?The biggest evolution in technology that can have an impactsimilar to the birth of the InternetNumber 1 on the list of ‘10 strategic technologies’ of all theanalysts‘Unless you’ve been under a rock recently, you’ve probably heardCloud Computing as the next revolution in IT’ - CFO Magazine 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 3
    • What is Cloud? A pay-as-you-go model for using applications, development platforms and/or IT infrastructure 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 4
    • Definition of the model 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 5
    • Cloud domains Cloud Architecture Governing the Cloud Governance and Enterprise Risk Management Legal and Electronic Discovery Compliance and Audit Information Lifecycle Management Portability and Interoperability Security, Business Continuity and Disaster Recovery Operating in the Cloud Data Center Operations Incident Response, Notification, Remediation Application Security Encryption and Key Management Identity and Access Management Virtualization 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 6
    • Cloud drivers Optimized server utilization Cost savings Dynamic scalability Shortened development lifecycle Reduced time for implementation 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 7
    • Cloud Computing Challenges Data location Commingled data Security policy/procedure transparency Cloud data ownership Lock-in with CSP’s propietary APIs Record protection for forensic audits Identity & Access Management Screening of other cloud computing clients Compliance requirements Data erasure for current SaaS or PaaS applications 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 8
    • ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 9
    • ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 10
    • ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 11
    • ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 12
    • ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 13
    • Business drives IT... and Cloud 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 14
    • 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 15
    • 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 16
    • Linking Business Goals to IT Goals 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 17
    • Assurance in the Cloud COBIT AICPA Service Organization Control (SOC) Report AICPA Trust Services (SysTrust and WebTrust) ISO2700x FedRAMP NIST SP 800-53 Health Information Trust Alliance (HITRUST) BITS 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 18
    • Assurance in the Cloud 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 19
    • Resources available 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 20
    • THANK YOU Urs Fischer CISA, CRISC, CIA, CPA (Swiss) Switzerland Ramsés Gallego CISM, CGEIT, CISSP, SCPM, CCSK, ITIL, Six Sigma Black Belt Chief Strategy Officer Entelgy Security practice2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved.