Discovering Risk and Maintaining Your Cloud Governance Strategy
An effective cloud security strategy requires enforcement and accountability. This is where governance comes in. Basically, governance is about applying policies — the organizing principles and rules that determine how an organization should behave — relating to using services. In the cloud world, governance helps to define how multiple organizations behave, because multiple parties across different companies will be part of the governance plan.
IT governance is really a combination of policy, process, and controls. The role of IT governance is to implement, maintain, and continuously improve these controls. IT governance does the following:
Ensures that IT assets (systems, processes, and so on) are implemented and used according to agreed upon policies and procedures
Ensures that these assets are properly controlled and maintained
Ensures that these assets are providing value to the organization
IT governance, therefore, has to include the techniques and policies that measure and control how systems are managed. However, IT doesn’t stand alone in the governance process. In order for governance to be effective, it must ...