SlideShare une entreprise Scribd logo

IT Controls Cloud Webinar - ISACA

Ramsés Gallego
Ramsés Gallego

The document discusses cloud computing. It defines cloud computing as a pay-as-you-go model for using applications, development platforms, and IT infrastructure. It outlines some of the key domains in cloud computing including architecture, governance, compliance, security, and operations. It also discusses some of the key drivers and challenges of cloud computing. Finally, it discusses frameworks that can be used for assurance in the cloud such as COBIT, SOC reports, ISO27001, and others.

TechnologieBusiness
1  sur  21
Urs Fischer CISA, CRISC, CIA, CPA (Swiss) Switzerland Ramsés Gallego CISM, CGEIT, CISSP, SCPM, CCSK, ITIL, Six Sigma Black Belt Chief Strategy Officer Entelgy Security practice 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved.
Compliance Resilience Evidence gathering Forensics Confidence User Access Data Segregation Virtualization Architectures Identity Emerging Recovery Surety Isolation Right to AuditTrust Privacy Web 2.0 Workflow Dispute resolution Traceability Competitive Advantage Data Location Metrics Maturity Models Web Services Incident handling 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 2
What is Cloud? The biggest evolution in technology that can have an impact similar to the birth of the Internet Number 1 on the list of ‘10 strategic technologies’ of all the analysts ‘Unless you’ve been under a rock recently, you’ve probably heard Cloud Computing as the next revolution in IT’ - CFO Magazine 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 3
What is Cloud? A pay-as-you-go model for using applications, development platforms and/or IT infrastructure 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 4
Definition of the model 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 5
Cloud domains Cloud Architecture Governing the Cloud Governance and Enterprise Risk Management Legal and Electronic Discovery Compliance and Audit Information Lifecycle Management Portability and Interoperability Security, Business Continuity and Disaster Recovery Operating in the Cloud Data Center Operations Incident Response, Notification, Remediation Application Security Encryption and Key Management Identity and Access Management Virtualization 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 6
Cloud drivers Optimized server utilization Cost savings Dynamic scalability Shortened development lifecycle Reduced time for implementation 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 7
Cloud Computing Challenges Data location Commingled data Security policy/procedure transparency Cloud data ownership Lock-in with CSP’s propietary APIs Record protection for forensic audits Identity & Access Management Screening of other cloud computing clients Compliance requirements Data erasure for current SaaS or PaaS applications 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 8
ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 9
ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 10
ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 11
ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 12
ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 13
Business drives IT... and Cloud 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 14
2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 15
2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 16
Linking Business Goals to IT Goals 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 17
Assurance in the Cloud COBIT AICPA Service Organization Control (SOC) Report AICPA Trust Services (SysTrust and WebTrust) ISO2700x FedRAMP NIST SP 800-53 Health Information Trust Alliance (HITRUST) BITS 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 18
Assurance in the Cloud 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 19
Resources available 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 20
THANK YOU Urs Fischer CISA, CRISC, CIA, CPA (Swiss) Switzerland Ramsés Gallego CISM, CGEIT, CISSP, SCPM, CCSK, ITIL, Six Sigma Black Belt Chief Strategy Officer Entelgy Security practice 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved.

Recommandé

The Perfect Storm
The Perfect StormThe Perfect Storm
The Perfect Storm
Ramsés Gallego
 
Culture structure strategy_for_a_grc_program
Culture structure strategy_for_a_grc_programCulture structure strategy_for_a_grc_program
Culture structure strategy_for_a_grc_program
Ramsés Gallego
 
From technology risk_to_enterprise_risk_the_new_frontier
From technology risk_to_enterprise_risk_the_new_frontierFrom technology risk_to_enterprise_risk_the_new_frontier
From technology risk_to_enterprise_risk_the_new_frontier
Ramsés Gallego
 
Strategic governance performance_management_systems
Strategic governance performance_management_systemsStrategic governance performance_management_systems
Strategic governance performance_management_systems
Ramsés Gallego
 
Dataplex Company Overview
Dataplex Company OverviewDataplex Company Overview
Dataplex Company Overview
dataplex systems limited
 
Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?
doan_slideshares
 
dataplex company presentation
dataplex company presentationdataplex company presentation
dataplex company presentation
dataplex systems limited
 
Accelerating the Speed of Innovation - Jason Waxman, Intel
Accelerating the Speed of Innovation - Jason Waxman, IntelAccelerating the Speed of Innovation - Jason Waxman, Intel
Accelerating the Speed of Innovation - Jason Waxman, Intel
Open Data Center Alliance
 

Recommandé

The Perfect Storm
The Perfect StormThe Perfect Storm
The Perfect Storm
Ramsés Gallego
 
Culture structure strategy_for_a_grc_program
Culture structure strategy_for_a_grc_programCulture structure strategy_for_a_grc_program
Culture structure strategy_for_a_grc_program
Ramsés Gallego
 
From technology risk_to_enterprise_risk_the_new_frontier
From technology risk_to_enterprise_risk_the_new_frontierFrom technology risk_to_enterprise_risk_the_new_frontier
From technology risk_to_enterprise_risk_the_new_frontier
Ramsés Gallego
 
Strategic governance performance_management_systems
Strategic governance performance_management_systemsStrategic governance performance_management_systems
Strategic governance performance_management_systems
Ramsés Gallego
 
Dataplex Company Overview
Dataplex Company OverviewDataplex Company Overview
Dataplex Company Overview
dataplex systems limited
 
Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?Cloud Is Built, Now Who's Managing It?
Cloud Is Built, Now Who's Managing It?
doan_slideshares
 
dataplex company presentation
dataplex company presentationdataplex company presentation
dataplex company presentation
dataplex systems limited
 
Accelerating the Speed of Innovation - Jason Waxman, Intel
Accelerating the Speed of Innovation - Jason Waxman, IntelAccelerating the Speed of Innovation - Jason Waxman, Intel
Accelerating the Speed of Innovation - Jason Waxman, Intel
Open Data Center Alliance
 
Umesh R Sharma
Umesh R SharmaUmesh R Sharma
Umesh R Sharma
Umesh Sharma
 
The Cloud according to VMware
The Cloud according to VMwareThe Cloud according to VMware
The Cloud according to VMware
OpSource
 
Introduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceIntroduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber Resilience
Christian F. Nissen
 
System Center 2012 - IT GRC
System Center 2012 - IT GRCSystem Center 2012 - IT GRC
System Center 2012 - IT GRC
Norman Mayes
 
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
IBM Sverige
 
Unleash Business Innovation with the Next Generation of Cloud Computing
Unleash Business Innovation with the Next Generation of Cloud ComputingUnleash Business Innovation with the Next Generation of Cloud Computing
Unleash Business Innovation with the Next Generation of Cloud Computing
Sam Garforth
 
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar SeriesDemystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Bhavesh Bhagat, CGEIT, CISM (LION)
 
NJVC Brochure
NJVC BrochureNJVC Brochure
NJVC Brochure
Spencer Nelson
 
Sukhbir jasuja digital_trends_11
Sukhbir jasuja digital_trends_11Sukhbir jasuja digital_trends_11
Sukhbir jasuja digital_trends_11
Hellenic Professionals Informatics Society
 
Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:
Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:
Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:
HyTrust
 
Day 3 p3 - xs and ec
Day 3 p3 - xs and ecDay 3 p3 - xs and ec
Day 3 p3 - xs and ec
Lilian Schaffer
 
Get your house on order
Get your house on orderGet your house on order
Get your house on order
Dekkinga, Ewout
 
How Infosec Can Become a Business Enabler: Interview with: Dr Tim Redhead, Di...
How Infosec Can Become a Business Enabler: Interview with: Dr Tim Redhead, Di...How Infosec Can Become a Business Enabler: Interview with: Dr Tim Redhead, Di...
How Infosec Can Become a Business Enabler: Interview with: Dr Tim Redhead, Di...
IT Network marcus evans
 
MitKat Ad
MitKat AdMitKat Ad
MitKat Ad
manojajgaonkar
 
Avensus Corporate Presentation
Avensus Corporate PresentationAvensus Corporate Presentation
Avensus Corporate Presentation
Parth Agrawal
 
Fix nix Pitch
Fix nix PitchFix nix Pitch
Fix nix Pitch
Ashok Dandu
 
Veeras_Infotek_Corporate (2)
Veeras_Infotek_Corporate (2)Veeras_Infotek_Corporate (2)
Veeras_Infotek_Corporate (2)
Rakesh Kumar
 
Centuric Overview
Centuric OverviewCenturic Overview
Centuric Overview
Centuric
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1
OracleIDM
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
HyTrust
 
Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1
CloudExpoEurope
 
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Chad Lawler
 

Contenu connexe

Tendances

The Cloud according to VMware
The Cloud according to VMwareThe Cloud according to VMware
The Cloud according to VMware
OpSource
 
Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:
Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:
Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:
HyTrust
 
Avensus Corporate Presentation
Avensus Corporate PresentationAvensus Corporate Presentation
Avensus Corporate Presentation
Parth Agrawal
 
Veeras_Infotek_Corporate (2)
Veeras_Infotek_Corporate (2)Veeras_Infotek_Corporate (2)
Veeras_Infotek_Corporate (2)
Rakesh Kumar
 
Centuric Overview
Centuric OverviewCenturic Overview
Centuric Overview
Centuric
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1
OracleIDM
 

Tendances (19)

Umesh R Sharma
Umesh R SharmaUmesh R Sharma
Umesh R Sharma
 
The Cloud according to VMware
The Cloud according to VMwareThe Cloud according to VMware
The Cloud according to VMware
 
Introduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber ResilienceIntroduction to RESILIA and Cyber Resilience
Introduction to RESILIA and Cyber Resilience
 
System Center 2012 - IT GRC
System Center 2012 - IT GRCSystem Center 2012 - IT GRC
System Center 2012 - IT GRC
 
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
 
Unleash Business Innovation with the Next Generation of Cloud Computing
Unleash Business Innovation with the Next Generation of Cloud ComputingUnleash Business Innovation with the Next Generation of Cloud Computing
Unleash Business Innovation with the Next Generation of Cloud Computing
 
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar SeriesDemystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
Demystifying Cloud Contracts And SLAs- ConfidentNOW Webinar Series
 
NJVC Brochure
NJVC BrochureNJVC Brochure
NJVC Brochure
 
Sukhbir jasuja digital_trends_11
Sukhbir jasuja digital_trends_11Sukhbir jasuja digital_trends_11
Sukhbir jasuja digital_trends_11
 
Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:
Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:
Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers:
 
Day 3 p3 - xs and ec
Day 3 p3 - xs and ecDay 3 p3 - xs and ec
Day 3 p3 - xs and ec
 
Get your house on order
Get your house on orderGet your house on order
Get your house on order
 
How Infosec Can Become a Business Enabler: Interview with: Dr Tim Redhead, Di...
How Infosec Can Become a Business Enabler: Interview with: Dr Tim Redhead, Di...How Infosec Can Become a Business Enabler: Interview with: Dr Tim Redhead, Di...
How Infosec Can Become a Business Enabler: Interview with: Dr Tim Redhead, Di...
 
MitKat Ad
MitKat AdMitKat Ad
MitKat Ad
 
Avensus Corporate Presentation
Avensus Corporate PresentationAvensus Corporate Presentation
Avensus Corporate Presentation
 
Fix nix Pitch
Fix nix PitchFix nix Pitch
Fix nix Pitch
 
Veeras_Infotek_Corporate (2)
Veeras_Infotek_Corporate (2)Veeras_Infotek_Corporate (2)
Veeras_Infotek_Corporate (2)
 
Centuric Overview
Centuric OverviewCenturic Overview
Centuric Overview
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1
 

Similaire à IT Controls Cloud Webinar - ISACA

Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
HyTrust
 
Service Manager Cloud Seminar introcustext
Service Manager Cloud Seminar introcustextService Manager Cloud Seminar introcustext
Service Manager Cloud Seminar introcustext
Microsoft Norge AS
 
Cisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operationsCisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operations
Cisco Public Relations
 
Data security in cloud
Data security in cloudData security in cloud
Data security in cloud
Interop
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
Splunk
 
Enterprise Security in Cloud
Enterprise Security in CloudEnterprise Security in Cloud
Enterprise Security in Cloud
Lenin Aboagye
 
Intel Cloud Summit ODCA - NAB Customer presentation
Intel Cloud Summit ODCA - NAB Customer presentationIntel Cloud Summit ODCA - NAB Customer presentation
Intel Cloud Summit ODCA - NAB Customer presentation
IntelAPAC
 

Similaire à IT Controls Cloud Webinar - ISACA (20)

Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
 
Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1
 
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
 
Isaca india trust & value from cloud computing (aug 2011) print
Isaca india trust & value from cloud computing (aug 2011) printIsaca india trust & value from cloud computing (aug 2011) print
Isaca india trust & value from cloud computing (aug 2011) print
 
Antonio piraino v1
Antonio piraino v1Antonio piraino v1
Antonio piraino v1
 
Cloud conference & expo presentation
Cloud conference & expo presentationCloud conference & expo presentation
Cloud conference & expo presentation
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
 
Netapp - An Agile Data Infrastructure to Power Your Cloud
Netapp - An Agile Data Infrastructure to Power Your CloudNetapp - An Agile Data Infrastructure to Power Your Cloud
Netapp - An Agile Data Infrastructure to Power Your Cloud
 
Service Manager Cloud Seminar introcustext
Service Manager Cloud Seminar introcustextService Manager Cloud Seminar introcustext
Service Manager Cloud Seminar introcustext
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the Cloud
 
Cisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operationsCisco tec chris young - security intelligence operations
Cisco tec chris young - security intelligence operations
 
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securitynull Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Security
 
CCSK, cloud security framework, Indonesia
CCSK, cloud security framework, IndonesiaCCSK, cloud security framework, Indonesia
CCSK, cloud security framework, Indonesia
 
Data security in cloud
Data security in cloudData security in cloud
Data security in cloud
 
The Vortex of Change - Digital Transformation (Presented by Intel)
The Vortex of Change - Digital Transformation (Presented by Intel)The Vortex of Change - Digital Transformation (Presented by Intel)
The Vortex of Change - Digital Transformation (Presented by Intel)
 
Splunk Overview
Splunk OverviewSplunk Overview
Splunk Overview
 
Enterprise Security in Cloud
Enterprise Security in CloudEnterprise Security in Cloud
Enterprise Security in Cloud
 
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
 
Intel Cloud Summit ODCA - NAB Customer presentation
Intel Cloud Summit ODCA - NAB Customer presentationIntel Cloud Summit ODCA - NAB Customer presentation
Intel Cloud Summit ODCA - NAB Customer presentation
 
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...
 

Plus de Ramsés Gallego

Entel Service Management
Entel Service ManagementEntel Service Management
Entel Service Management
Ramsés Gallego
 
Metrics, measures & Myths
Metrics, measures & MythsMetrics, measures & Myths
Metrics, measures & Myths
Ramsés Gallego
 
DLP - Network Security Conference_ Ramsés Gallego
DLP - Network Security Conference_ Ramsés GallegoDLP - Network Security Conference_ Ramsés Gallego
DLP - Network Security Conference_ Ramsés Gallego
Ramsés Gallego
 
e-Symposium_ISACA_Ramsés_Gallego
e-Symposium_ISACA_Ramsés_Gallegoe-Symposium_ISACA_Ramsés_Gallego
e-Symposium_ISACA_Ramsés_Gallego
Ramsés Gallego
 

Plus de Ramsés Gallego (10)

ISACA Barcelona Chapter Congress - July 2011
ISACA Barcelona Chapter Congress - July 2011ISACA Barcelona Chapter Congress - July 2011
ISACA Barcelona Chapter Congress - July 2011
 
Modern cyber threats_and_how_to_combat_them_panel
Modern cyber threats_and_how_to_combat_them_panelModern cyber threats_and_how_to_combat_them_panel
Modern cyber threats_and_how_to_combat_them_panel
 
Entel Service Management
Entel Service ManagementEntel Service Management
Entel Service Management
 
Metrics, measures & Myths
Metrics, measures & MythsMetrics, measures & Myths
Metrics, measures & Myths
 
Malware mitigation
Malware mitigationMalware mitigation
Malware mitigation
 
DLP - Network Security Conference_ Ramsés Gallego
DLP - Network Security Conference_ Ramsés GallegoDLP - Network Security Conference_ Ramsés Gallego
DLP - Network Security Conference_ Ramsés Gallego
 
e-Symposium_ISACA_Ramsés_Gallego
e-Symposium_ISACA_Ramsés_Gallegoe-Symposium_ISACA_Ramsés_Gallego
e-Symposium_ISACA_Ramsés_Gallego
 
Entel SSO
Entel SSOEntel SSO
Entel SSO
 
Entel DLP
Entel DLPEntel DLP
Entel DLP
 
Entel S&RM
Entel S&RMEntel S&RM
Entel S&RM
 

Dernier

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Dernier (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

IT Controls Cloud Webinar - ISACA

  • 1. Urs Fischer CISA, CRISC, CIA, CPA (Swiss) Switzerland Ramsés Gallego CISM, CGEIT, CISSP, SCPM, CCSK, ITIL, Six Sigma Black Belt Chief Strategy Officer Entelgy Security practice 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved.
  • 2. Compliance Resilience Evidence gathering Forensics Confidence User Access Data Segregation Virtualization Architectures Identity Emerging Recovery Surety Isolation Right to AuditTrust Privacy Web 2.0 Workflow Dispute resolution Traceability Competitive Advantage Data Location Metrics Maturity Models Web Services Incident handling 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 2
  • 3. What is Cloud? The biggest evolution in technology that can have an impact similar to the birth of the Internet Number 1 on the list of ‘10 strategic technologies’ of all the analysts ‘Unless you’ve been under a rock recently, you’ve probably heard Cloud Computing as the next revolution in IT’ - CFO Magazine 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 3
  • 4. What is Cloud? A pay-as-you-go model for using applications, development platforms and/or IT infrastructure 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 4
  • 5. Definition of the model 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 5
  • 6. Cloud domains Cloud Architecture Governing the Cloud Governance and Enterprise Risk Management Legal and Electronic Discovery Compliance and Audit Information Lifecycle Management Portability and Interoperability Security, Business Continuity and Disaster Recovery Operating in the Cloud Data Center Operations Incident Response, Notification, Remediation Application Security Encryption and Key Management Identity and Access Management Virtualization 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 6
  • 7. Cloud drivers Optimized server utilization Cost savings Dynamic scalability Shortened development lifecycle Reduced time for implementation 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 7
  • 8. Cloud Computing Challenges Data location Commingled data Security policy/procedure transparency Cloud data ownership Lock-in with CSP’s propietary APIs Record protection for forensic audits Identity & Access Management Screening of other cloud computing clients Compliance requirements Data erasure for current SaaS or PaaS applications 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 8
  • 9. ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 9
  • 10. ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 10
  • 11. ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 11
  • 12. ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 12
  • 13. ISACA’s GEIT and Management Frameworks 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 13
  • 14. Business drives IT... and Cloud 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 14
  • 15. 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 15
  • 16. 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 16
  • 17. Linking Business Goals to IT Goals 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 17
  • 18. Assurance in the Cloud COBIT AICPA Service Organization Control (SOC) Report AICPA Trust Services (SysTrust and WebTrust) ISO2700x FedRAMP NIST SP 800-53 Health Information Trust Alliance (HITRUST) BITS 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 18
  • 19. Assurance in the Cloud 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 19
  • 20. Resources available 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved. 20
  • 21. THANK YOU Urs Fischer CISA, CRISC, CIA, CPA (Swiss) Switzerland Ramsés Gallego CISM, CGEIT, CISSP, SCPM, CCSK, ITIL, Six Sigma Black Belt Chief Strategy Officer Entelgy Security practice 2011 ISACA Webinar Program. © 2011 ISACA. All rights reserved.