Governance, Risk Management and Compliance (GRC) for Safe and Effective Cloud Computing - Cloud Service Level Agreements (SLAs)
Javier Kuong, President and Principal Consultant, Management Advisory Services & Publications (MASP)
Coming soon.. Please contact customer care for new schedule
Cloud computing adoption is a new and major global wave of activity in IT and business. Virtually many organizations, large and small, profit or non-profit have already adopted some form of cloud computing model or are seriously contemplating migrating a whole range of IT business applications and critical systems to the cloud model.
However, as has been the case in any new technology adoption in the past, there are very important GRC and Auditing and Business Continuity (ABC) considerations associated with functioning in a cloud computing environment. Unfortunately, these issues are typically an after-thought for those entrusted with the feasibility, assessment and implementation of the cloud initiative as they are primarily concerned with the Effectiveness, Economy and Efficiency (EEE) aspects of any new technology.
Moving many of your IT activities and critical business processes to the cloud is no trivial matter. As with any new technology adoption, cloud computing brings with it many new threats and risks. As a responsible executive, CIO, technologist, technology assessor, auditor, security, compliance, legal or procurement officer, you want to minimize the risks associated with engaging cloud computing services provided by a third-party entity. One of the key mechanisms to assist you in this delicate task is to diligently prepare “your own” set of Service Level Agreements (SLAs) that reflect your specific needs.
This highly interactive course will cover principles and guidelines of GRC as they apply to cloud computing. It will provide you with the fundamental considerations to assist you in the task of developing a sound and effective set of SLAs whether you are contemplating moving to the cloud or if you are already in the cloud, to assist you in renegotiating existing service agreements.
This cloud computing seminar will focus on the following topics:
- Threats, risks and exposures in cloud computing
- Cloud Service Level Agreements (SLAs)
- Governance, risk management and compliance issues for the cloud
- Classes of Service Level Agreements for the cloud
- Practical guidelines for the safe selection of cloud service providers to ensure adequate GRC provisions are satisfied.
Upon completing this course on cloud computing, participants will learn:
- The fundamental principles and guidelines of GRC as they apply to cloud computing.
- The approaches and the key elements involved in preparing a sound set of SLAs for cloud computing.
- How to prepare their own specific set of SLAs which can also serve to effectively select the most suitable cloud service providers.
Who will Benefit:
The course will assist executives and professionals in practicing responsible due diligence for cloud computing:
- IT executives, CIOs, Systems and Datacenter Professionals
- Chief Security Officers (CSOs), Chief Technology Officers (CTOs)
- Security and Control Professionals
- Corporate and IT Governance Officers, CCOs, CFOs
- System Quality Assurance and Standards Development Professionals
- Technology Acquisition Team Leaders and Staff
- Internal and External Auditors
- Technology Assessors
- Management Consultants
- Cloud Service Providers
- Any User Department Manager Contemplating the Adoption or Use of Cloud Computing Services (internal or external)
- Legal Officers
- Procurement and Contracting Professionals
- Treasury Department Executives Dealing With Project Justification and Financial Approval
- Governance, Risk Management and Compliance (GRC) Professionals
- Any Professional Interested In or Dealing with Cloud Computing Issues
In a great majority of situations, organizations that have migrated or are contemplating to move to the cloud do so without an adequate set of service requirements definitions and GRC provisions to make the transition to and operation of the cloud arrangements safe. As a result, they simply accept the “generic” terms that most cloud service providers offer to all kinds of customers who may actually have individual GRC requirements.
It is absolutely necessary for responsible organizations to prepare a set of SLAs that apply to your organization, regardless of the “generic” SLAs that the cloud service providers may offer. The set of company-oriented SLAs is necessary even if the prospective cloud providers might not be able to meet all the SLAs that your organization would ideally like to receive from the cloud provider. Having a set of SLAs that reflect your organization’s needs enables the service buyer to calibrate the provider and receiver’s SLAs and determines those areas that may be critically important to make the agreement acceptable and also assess the risk of engaging a service supplier that is not able to satisfy important SLAs.
The need to define service level requirements applies to whether an organization is considering a public, a private or a hybrid cloud option. The SLA set will also be most valuable in selecting the most suitable cloud service provider as there is a tremendous variety of provisions offered by a wide variety of cloud providers who are just, as anyone else, learning the cloud game in the absence of universal and global cloud standards.
|Day One (8:30 AM – 4:30 PM)
||Day Two (8:30 AM – 4:30 PM)
Registration Process: 8:30 AM – 9:00 AM
Session Start Time: 9:00 AM
- Background - Cloud Computing - A New IT Infrastructure Revolution – Definition of terms
- A Discussion of Threats, Risks and Exposures in Cloud Computing– A Basis for developing the Service Level Agreement Package
- Cloud Service Level Agreements (SLAs) – Definitions – Service Level Agreements and Service Level Management - Why Should You Invest in Developing a Sound Set of SLAs?
- Governance, Risk Management and Compliance Issues for the Cloud – The Need for a Thorough Threat and Risk Assessment as a basis for developing the Service Level Requirements and Service Level Agreements
- Classes of Service Level Agreements for the Cloud: This session will address various classes of service level requirements to consider, such as:
- Financial Reliability and Stability
- Transparency – Accountability
- Supply Chain with Multiple Third Party Providers
- Life Cycle Integrity
- Security/ Privacy/Compliance
- Data Leak Protection (DLP)
- Classes of Service Level Agreements for the Cloud, Continued
Practical Guidelines for the Safe Selection of Cloud Service Providers to Ensure Adequate GRC Provisions are satisfied
- Availability/Resiliency and Business Continuity Issues
- Cloud Service Provider Certification and Auditing
- Contract Negotiability – Exit Strategies and Provisions
- Data Ownership and Disposition
- Geographic Restriction Provisions for Sensitive Data residence and Storage
- Integration of Cloud computing with Internal Business Applications,
- and much more
Workshop designed to apply the knowledge presented.
Through a guided workshop:
- Using the Cloud SLA Package as a basis for determining the most suitable cloud provider
- Identifying deficiencies in the ability of candidate cloud providers to meet all the most critical SLAs and assessing the risk to your organization of proceeding with less than an ideal provider
- Key Steps in negotiating with cloud supplier
- Delegates will break into groups with common interests and will be encouraged to develop a sample GRC plan
- Delegates will discuss the types of Cloud Service Level Agreements that would apply to their own areas of interest
- Present their findings to the class
- Question and Answer period with cull class participation
Meet Your Instructor
President and Principal Consultant, Management Advisory Services & Publications (MASP)
Javier F. Kuong is the President and Principal Consultant of Management Advisory Services & Publications (MASP), an organization that for over 30 years has been devoted solely to consulting, training, publications, research and development in Enterprise and IT Governance, Compliance, Auditing, Security, Service Level Agreements and Business Continuity Planning. He is the author of over 40 books and treatises in the above fields of expertise. He is the author of a very recent book entitled: “Service Level Agreements for Cloud Computing – Guidelines for Selecting Cloud Service Providers”
Register by P.O. / Check
Yes, I want to attend "Governance, Risk Management and Compliance (GRC) for Safe and Effective Cloud Computing - Cloud Service Level Agreements (SLAs)".
Click here to download P.O. form
If you are paying by check:
Checks should be payable to MetricStream Inc. (our parent company) and mailed to:
2479 East Bayshore Road
Palo Alto, CA 94303
Send your team for maximum benefit.
Get your team up to speed!
Significant tuition discounts are available for teams of two or more from the same company. You must register at the same time and provide a single payment to take advantage of the discount.
||Get 10% off
|3 to 6 Attendees
||Get 20% off
|7 to 10 Attendees
||Get 25% off
||Get 30% off
Call toll free on +1-888-717-2436 if you have any queries.
Register by Wire Transfer
If you wish to pay by wire transfer, please call us toll free on +1-888-717-2436
Terms & Conditions to register for the Seminar/Conference/Event
Your Registration for the seminar is subject to following terms and conditions. If you need any clarification before registering for this seminar please call us @ +1-888-717-2436 or email us @ firstname.lastname@example.org
Payment is required before 2 days of the date of the conference. We accept American Express, Visa and MasterCard. Make checks payable to MetricStream Inc. ( our parent company)
Cancellations and Substitutions:
Written cancellations through fax or email (from the person who has registered for this conference) received at least 10 calendar days prior to the start date of the event will receive a refund — less a $200 administration fee. No cancellations will be accepted — nor refunds issued — within 10 calendar days from the start date of the event.
On request by email or fax (before the seminar) a credit for the amount paid minus administration fees ($200) will be transferred to any future ComplianceOnline event and a credit note will be issued.
Substitutions may be made at any time. No-shows will be charged the full amount.
We discourage onsite registrations, however if you wish to register onsite payment to happen through credit card immediately or check to be submitted onsite. Conference material will be given on the spot if it is available after distributing to other attendees. In case it is not available we will send the material after the conference is over.
In the event ComplianceOnline cancels the seminar, ComplianceOnline is not responsible for any airfare, hotel, other costs or losses incurred by registrants. Some topics and speakers may be subject to change without notice.
Attendance confirmation and Documents to carry to the seminar venue:
After we receive the payment from the registered attendee an electronic event pass will be sent to the email address associated with the registrant before 5 working days from the seminar date. Please bring the pass to the venue of the event.
Conference photograph / video:
By registering and attending ComplianceOnline conference you agree to have your photographs or videos taken at the conference venue and you do not have any objections to use these photos and videos by ComplianceOnline for marketing, archiving or any other conference related activities. You agree to release ComplianceOnline for any kind of claims arising out of copyright or privacy violations.
Cloud SLA Book Description:
Governance, Risk and Compliance (GRC) for Cloud Computing – Service Level Agreement for Effective and Safe Deployment and Guidelines for Cloud Provider Selection
The cloud is becoming ubiquitous and all types of organizations, large and small, profit and non-profit, have or are contemplating migrating IT applications, data and processes to the cloud.Responsible and due diligence minded executives, IT officials and cloud service users who stand a lot to gain but also much at stake ponder these key questions:
- Do we know what our business requirements are and what should be safely moved to the cloud?
- What are our service requirements and have we determined the Service Level Agreements (SLA) that will help us determine what “our” service needs are and not those offered and promoted by the plethora of cloud vendors?
Delegates will enjoy a 30% discount from the list price of $99 US and will pay only $69 when ordered in advance with the seminar. In addition, they will save the expensive air post involved if the book is ordered from the publisher: Management Advisory Services & Publications (MASP),www.masp.com, Tel: 508-299-7607. It can be ordered through ComplianceOnline with the seminar registration.
- What are the Governance, Risk Management and Compliance (GRC) considerations of moving to the cloud platforms and the Service Level Agreements (SLAs) that will minimize cloud risks?
- What are the security/privacy, availability and business continuity requirements to make the cloud option effective a safe?
This book is intended to provide the reader with a set of probing questions, mention the most obvious risk associated with cloud adoption and provides a set of comprehensive Service Level Agreements (SLAs) that can help organizations to define the service levels, negotiate agreements with cloud vendors and raise probing question on the type of governance and compliance, security/privacy and business continuity provisions that the prospective cloud vendors should have a d be in a position to “transparently” answer.
The guidelines in the book would ideally good for those contemplating moving to the cloud but also to detected deficiencies in the present arrangements for those reorganizations that have already move to the cloud and for subsequent future renegotiations.
Independent auditor and personnel entrusted with the major task of assessing the cloud paradigm will also find the book very useful and save them a great deal of time in researching and investigating some of the most important considerations of moving to the cloud with due diligence and helping ensure the proper GRC provision are in place as well as what is the significance to the organization of weak governance cloud provisions by vendors.
If you wish to partner with us for this event
contact us: email@example.com
call us: +1-888-717-2436.
Media Partner Benefits
- Logo and company data on the event website.
- Logo on the conference material distributed during the conference.
- Media Partner’s brochure distributed along with conference material.
- Logo on all the mailings before and after the event.
- 10% discount to media partner's subscribers.
Media Partner to do
- Banner (min 728x90 or 468x60) on the Media Partner website.
- Insertion of the event in the event calendar, both printed and/or online.
- Announcement article of the conference on the Magazine and/or Website.
- Dedicated email blast to all subscribers of Media Partner.
- Article on the Magazine and/or Website after the conference.
If you wish to sponsor this event
contact Cruise Webster: firstname.lastname@example.org
call us: (207) 576-4173
The Rijksmuseum is a Dutch national museum dedicated to arts and history in Amsterdam in the Netherlands. It is the largest museum in the Netherlands, with more than a million visitors each year. s exhibition called The Masterpieces shows the most famous pieces of Dutch art from the 17th c., usually called the Golden Age of the Netherlands.
Rembrandtplein (Rembrandt Square)
Rembrandtplein is one of the busiest squares in the city, at least when it comes to nightlife and clubbing. It is lined with pubs, restaurants, cafes and hotels and is thus a tourist magnet. A popular centre for nightlife, it also includes traditional Dutch pubs which play real Dutch music. Around the area you’ll also find quality night clubs, gay venues, respectable diamond dealers and the inevitable tacky souvenir shops.
Vondelpark is the largest city park in Amsterdam, and certainly the most famous park in the Netherlands, which welcomes about 10 million visitors every year. The Vondelpark is centrally located south of Leidseplein and near Rijksmuseum, Stedelijk Museum and Van Gogh Museum.
This old church with little houses clinging to its sides, remains a calm heaven at the heart of the freneric Red Light District. Its buildings, especially the Gothic-renaissance style octagonal bell tower, were used by sailors to get their bearings.
Of Amsterdam's 1280 or so bridges, the Magere Brug, or “Skinny Bridge” is the most famous. It is a traditional double-leaf, Dutch draw-bridge connecting the banks of the river Amstel. Approximately every twenty minutes, the bridge opens to let boats through.
Albert Cuyp market
The Albert Cuyp market is arguably the best-known and busiest outdoor market in Europe. It attracts thousands of visitors every day, and is especially popular on Saturdays. There are over 300 stalls and goods range from fresh produce, to clothes, to odds and ends, with prices among the cheapest in Amsterdam.
Right in the center of Amsterdam, you can also find the oldest Zoo of Holland. It consists of four main areas: Zoo, Planetarium, Botanical Gardens and Geological and Zoological museum. In the zoo itself you will find animals from all over the world. In addition, a unique canal aquarium shows you which animals roam the canals of Amsterdam.