Cloud Computing Audit

European Identity & Cloud Conference 2012
17.04. - 20.04.2012, Munich, Germany

Moderator:

Cloud Audit

18.04.2012 10:30-11:30

Addressing Cloud Audit, Assurance and Compliance Needs � A Progress Report


A key enabler of cloud contracting and use -- all the way from comparison shipping and RfPs, through SLAs and monitoring, to auditing and regulatory enforcement -- is the availability of common vocabularies and operations for different service components. Open standards are required to make services comparable, portable and interoperable across vendors and architectures. As more organizations consider the shift toward cloud services, industry is working hard to offer new approaches to meet these challenges. During this session, experts will provide progress reports on some of the work underway that is addressing these needs.

  • SMI defines service attributes in seven major functional categories (accountability, agility, assurance, financial, performance, security and privacy, and usability) that provide key performance indicators that can be collected and tailored by consumers to evaluate competing services based on business and technology requirements. The speaker for this portion will provide an overview of the SMI and its relationship to cloud auditing, and discuss how cloud marketplaces can leverage the SMI to enable greater cloud choice through evidence-based decisions.
  • Many SDOs have been collecting real world cloud use cases addressing many of the concerns felt by industry. These use cases are being peered reviewed, with the hopes that these committees will identify gaps in standards and pave a way to move forward with future standardization efforts. An expert technical speaker will be on-hand to discuss the progress of SDO work in this area.
  • And finally, this session will cover ongoing work within the EU cloud strategy, ENISA’s cloud SLA work, and the dependencies of critical services on cloud. This speaker will also focus on auditing schemes and ongoing work in CAMM (an assurance framework for cloud providers) and the minimum security measures for EU Telco’s, which entails another audit scheme.

Cloud Audit

18.04.2012 11:30-12:30

Global Perspectives on Cloud Auditing Challenges and Solutions


Auditing in the cloud environment, particularly for identity management systems, touches on a range of interconnected, international issues: data governance, competing legal and regulatory environments, standards and interoperability, and a host of specific policy issues that are increasingly problematic, such as data privacy. The October 2011 International Cloud Symposium organized by OASIS in London, identified many of these issues, and in this panel expert speakers examine them from a global perspective and offer international perspectives on challenges and solutions.



© 2012 KuppingerCole