COSO has provided a detailed road map for incorporating cloud computing into enterprise risk management.
This new guidance from COSO provides a roadmap for establishing cloud computing governance leveraging the principles of COSO’s Enterprise Risk Management (ERM) – Integrating with Strategy and Performance framework. The guidance explains how each of the 20 principles of the COSO ERM framework applies to cloud computing.
As noted in the guidance, those organizations that have not yet created a cloud governance program can do so at any time and continue to refresh as changes occur. By incorporating cloud governance into the organization’s cloud computing processes, the organization is better positioned to manage risks that threaten the strategy and objectives of the organization.