Looking at IT Governance Through the Clouds


Home  >  Articles  > 
Looking at IT Governance Through the Clouds

Michael Wood

June 9, 2009






With the advent of the Cloud Computing and Software as a Service (SaaS) space, new issues related to IT Governance are emerging for both the provider and customer. These governance issues run deep as they impact the development practices, application architecture, infrastructure, deployment, utilization, control and continuity management aspects of the IT governance spectrum. 

For the majority of organizations, the use of Service Level Agreements (SLAs) provides the answer to most of the issues between provider and customer.  However, no number of SLAs can satisfy the customer organization’s responsibility to exercise due diligence in satisfying itself and its auditors that core business functions run via a Cloud Computing environment are properly managed, controlled, resilient to disruptions, safe from disasters, safe from theft and misuse and more.  Once the information asset is no longer under the control of the enterprise, things get rather dicey. 

While traditional environments are subject to the same governance requirements as Cloud Computing, the inherent loss of control of data and the difficulty in identifying and  troubleshooting transaction failures raises a whole new set of issues.  The risk factors, while statistically may seem lower than traditional environments, are in fact much greater.  Basically, when an organization uses Cloud Computing resources, it has abdicated its ability to effect repairs and recovery of systems and data should something go terribly wrong.  To management and auditors this poses a substantial problem.  All the guarantees in the world are meaningless if the provider can’t indemnify the using organization against harm, and quantifying that harm could be close to impossible.  In the name of cost savings, speed of deployment and application flexibility, organizations could unknowingly be risking their very existence should a catastrophic disruption in service occur.  The damages to a billion-plus-dollar enterprise could literally be the entire value of the enterprise.  And should that catastrophe effect multiple organizations, then what?

Don’t get me wrong, the potential of Cloud Computing is amazing and hard to resist.  However, the risks are equally amazing as mission critical applications and data are taken out of the control of the enterprise accountable for their integrity, security and control.   Therefore, when choosing a provider it is imperative extended due diligence be performed by an independent third party.



Please login/register to read the entire article.





sponsored announcements and special offers
CA Technologies' Innovation Management survey is a study into the barriers to innovation success and the measures companies are taking to improve performance. Each survey respondent will receive a complimentary copy of the report containing the survey's results. Please participate now!

Build and deploy interactive reports and dashboards — without any hidden costs. Our in-the-cloud free trial lets you see for yourself — no download required. SAP Crystal Reports Server 60-day Free Trial

Enable Agile Process; Support Agile Teams
CollabNet announces ScrumWorks Pro 4.4. As intuitive as Scrum itself, this version offers improvements in estimation and integration to CollabNet TeamForge. Improve your Scrum team's performance, enable tracking, view reports instantly, and effectively manage your Agile projects. Request a Trial

Enterprise hardware and software evolve faster than your customers can consume new versions and features. Overcome this gap: learn how professional services can boost product consumption and speed repurchasing in TSIA/Compuware white paper. Read now

Packaged Services Success: Join us on Sept 8 for this Free Webinar as RTM Consulting and Tenrox discuss the competitive and financial benefits of Leveraging Automation to meet the Rising Demand for Productized Professional Services. EARN 1 PDU. Register Here Today to receive a Free White Paper.



"We should be careful to get out of an experience only the wisdom that is in it - and stop there; lest we be like the cat that sits down on a hot stove-lid. She will never sit down on a hot stove-lid again, and that is well; but also she will never sit down on a cold one anymore."
- Mark Twain