Forecast 2014: Bringing Agility in Cloud Risk Management

 Technology

 27 views
of 19
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Description
Mature and agile organizations take a strategic and enterprise view of cloud risk management to ensure that business objectives are met with appropriate consideration of risks and rewards. Enterprise businesses are demanding a high rate of velocity and agility in identifying, assessing, selecting and implementing cloud services. Driving effective and sustainable cloud implementations in this complex landscape requires mature, robust, and right sized risk management practices in response to the business desire to quickly and safely implement cloud computing. This ODCA-U session will discuss best practices and practical implementation of Enterprise risk management strategy, policies and practices to make cloud risk management easy, simple, relevant, agile and sustainable ensuring that organizational goals and objectives are safely met, and risks and rewards are equitably balanced.
Share
Transcript
  • 1. BRINGING AGILITY IN CLOUD RISK MANAGEMENT Workshop Ed Simmons UBS Ryan Skipp T-Systems
  • 2. LEGAL DISCLAIMER  Open Data Center Alliance, Inc. is NOT a law firm. The information provided or referenced in this Best Practices document regarding possible regulatory compliance obligations or risk assessment / management related to such obligations are not intended, in any way, as legal advice to you. Our publishing of this Best Practices document and your review or use of it is NOT intended to create, nor does it create, any attorney client relationship between Open Data Center Alliance, Inc. and you. We encourage you to seek proper, independent legal advice from an appropriate advisor before making any decisions that might impact your legal duties or rights or might impose any legal liability on you.  Any reference to any laws/regulations/rules in this document may not be a complete list of the laws/regulations/rules that impact your circumstances. Also, applicable laws/regulations change frequently, and the application of laws/regulations by courts and government agencies can vary greatly.  Thus, all information provided or referenced in this Best Practices document is provided to you on an “AS IS” and “AS AVAILABLE” basis. If you rely on any of this information you do so at your own risk and you are totally and solely responsible for the consequences of your actions, including (without limitation) all legal liability and legal consequences. 2
  • 3. OBJECTIVES  Discuss ODCA Best Practice Paper: Improving Agility in Cloud Risk Management Rev. 1.0  Workshop • Risk Management Challenges in the Enterprise • Best Practices to Improve Agility in Cloud Risk Management • Discuss Implementation Experiences  Collaboration, interaction and discussion  Q&A 3 URL to white paper and materials: http://bit.ly/1rh5X94
  • 4. RETHINK RISK MANAGEMENT  The Benefits offered by cloud computing to innovate and transform value proposition, compete in the marketplace, and accelerate growth and customer satisfaction >> mandates a high rate of velocity and agility in identifying, assessing, selecting, and implementing cloud-based services  Business leaders expect cloud adoption to be rewarding, well managed, and within acceptable risk and compliance limits, driving the need to >> rapidly adapt and rethink traditional risk management processes to deliver agile, sustainable outcomes 4
  • 5. RISK MANAGEMENT - GOALS  Mature, robust, right-sized, and agile risk management practices to support rapid assessment and optimization of cloud computing risks  Strategic view of cloud risk management  Consistent, sustainable, simple, and integrated risk management across the enterprise 5
  • 6. [Q] RISK CHALLENGES – EXERCISE 1  Discuss Cloud Risk Management Challenges [Workshop material page # 2] 6
  • 7. [A] RISK CHALLENGES – EXERCISE 1  Cloud Risk Management Challenges • Value perception and lack of agility • Siloed management of risk • Security as a proxy for all risk • Risk language • Prioritization of risk management • Complexity 7
  • 8. [Q] – RISK BEST PRACTICES [EXERCISE 2]  Discuss Cloud Risk Management Challenges  Discuss Best Practices for Risk Management [Workshop material page # 4] 8
  • 9. [A] – RISK BEST PRACTICES [EXERCISE 2] Objective Best Practice Promote Safe Cloud Adoption [1] Enterprise focus [2] Risk appetite [3] Standardization Inject Agility and Velocity in Risk Management [4] Agility [5] Right-sizing [3] Standardization Integrate and Sustain Cloud Risk Management [6] Integration [7] Sustainability Minimize Waste in Risk Management [8] Continuous process improvement 9
  • 10. [Q] RISK APPETITE – EXERCISE 3  Discuss Cloud Risk Management Challenges  Discuss Best Practices for Risk Management  Setting cloud risk appetite [Workshop material page # 6] 10
  • 11. [A] RISK APPETITE – EXERCISE 3 11 Risk Appetite Dimension Level: Conservative Level: Balanced Level: Expansionary Information Security No appetite to use cloud for confidential and highly confidential information On-premises cloud can be used for confidential and highly confidential information Off-premises cloud is acceptable for confidential and highly confidential information Service Criticality (Use cloud for which services and business processes) No appetite to adopt cloud for core and mission-critical services Cloud is acceptable for core services Cloud is considered for core and mission critical services Service Location and Jurisdiction Services hosted only in domestic Jurisdiction Hosting in foreign jurisdictions is permitted for private information Hosting in foreign jurisdictions is permitted for confidential and highly confidential information Type of cloud service providers Leading edge, established players Leading edge, established players Bleeding edge, start-ups
  • 12. [Q] STANDARDIZING RISK MANAGEMENT – EXERCISE 4  Discuss Cloud Risk Management Challenges  Discuss Best Practices for Risk Management  Setting cloud risk appetite  Standardization of Risk mitigation – Discuss how [Workshop material page # 8] 12
  • 13. [A] STANDARDIZING RISK MANAGEMENT – EXERCISE 4 13 The handout describes common risks, and ODCA usage models to help manage risks. Review the risk types, and mitigation plans
  • 14. [Q] RISK RIGHT-SIZING - EXERCISE 5  Discuss Cloud Risk Management Challenges  Discuss Best Practices for Risk Management  Setting cloud risk appetite  Standardization of Risk mitigation – Discuss how  Discuss risk right-sizing [Workshop material page # 14] 14
  • 15. [A] RISK RIGHT-SIZING - EXERCISE 5 15 Cloud risk management processes should be right-sized based on the level of risk
  • 16. FURTHER INFORMATION  Discuss Cloud Risk Management Challenges  Discuss Best Practices for Risk Management  Setting cloud risk appetite  Standardization of Risk mitigation – Discuss how  Discuss risk right-sizing  Agility, Integration, Kaizen, and Sustainability: Refer to the best practice paper (Improving Agility in Cloud Risk Management) 16
  • 17. CONCLUSION  Risk Management is an integral competency of mature enterprises  ODCA best practice paper provides guidance to rethink and tune the Enterprise risk management practices to meet the agility requirements of Cloud adoption We encourage adoption of the best practices in real life situations – Please visit the ODCA web site for further information (http://www.opendatacenteralliance.org/library) 17
  • 18. 18
  • 19. 19 © 2 0 1 4 O p e n D a t a C e n t e r A l l i a n c e , I n c . A L L R I G H T S R E S E R V E D .
  • Related Search
    We Need Your Support
    Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

    Thanks to everyone for your continued support.

    No, Thanks