Reference no: EM132767644
Assignment - Mitigating Cloud Computing Risks
Overview
Imagine you are an information security manager in a medium-sized organization. Your CIO has asked you to prepare a case analysis report and presentation on establishing internal controls in cloud computing. The CIO has seen several resources online that discuss the security risks related to cloud-based computing and storage. One that stood out was Cloud Computing Risk Assessment: A Case Study. You are asked to summarize the information you can find on the Internet and other available sources. The CIO wants to have a firm grasp on the benefits and risks associated with public, private, and hybrid cloud usage. There is also concern over how these systems should be monitored to ensure proper usage and data security.
Instructions
Write a 3-4 page paper in which you:
1. Provide a summary analysis of the latest research available in this area.
2. Examine the risks and vulnerabilities associated with public clouds, private clouds, and hybrids.
o Include primary examples applicable from the case studies you reviewed.
Suggest key controls that organizations could implement to mitigate these risks and vulnerabilities.
Develop a list of IT audit tasks that address a cloud computing environment based on the results from the analysis of the case studies, the risks and vulnerabilities, and the mitigation controls.
Use at least three quality resources. Note: Wikipedia and similar websites do not qualify as quality resources.
Elaborate on three of the obstacles that must be overcome as a business moves up the CMMI model. Suggest key methods for overcoming the obstacles you have identified.
CAATTs can be helpful when dealing with immense amounts of data; however, developing a CAATT system can be time-consuming. Argue for or against the use of CAATT systems.
Identify the key elements of building an effective CAATT system. Elaborate on two challenges faced when designing an effective CAATT system and suggest possible solutions to these problems.