Assessing risk in cloud computing projects: A free framework

Grazed from Delimeter. Author: Editorial Staff.

When many people come up against the term “risk” in the context of IT projects, they immediately reach for the telephone to call for their IT security experts. Risk, to many people, means the risk of data loss; in this sense, focusing on security has often been a logical proxy for more comprehensive IT risk management strategies. However, the moves which many organisations are currently undertaking as they embrace cloud computing technologies for substantial cost reductions, performance improvements and greater scalability in their IT operations have made many IT professionals aware that such definitions of risk are not always comprehensive enough to meet their needs.

The fundamental promise of cloud computing technology is that it allows organisations to externalise many of the resources previously managed within their own operations. However, unlike traditional outsourcing, which has typically been provided by one or multiple suppliers, cloud computing involves a broad range of suppliers whose varying approaches to security, governance, resilience, availability and privacy create a level of uncertainty for organisations. This creates perceived risk…

Risk management is defined in the ISO 31000 international standard as “the effect of uncertainty on objectives”; therefore externalising IT resources via the cloud changes the risk profile for the workload and organisation. This demands a formalised approach to understanding and addressing the risk when considering a cloud-based option…

Read more from the source @ http://delimiter.com.au/2013/03/26/assessing-risk-in-cloud-computing-projects-a-free-framework-sponsored-post/