Risk and Compliance Management for Cloud Computing Services: Designing a Reference Model

Authors

Benedikt Martens, University of OsnabrueckFollow
Frank Teuteberg, University of OsnabrueckFollow

Track

IT Strategy and Management

Abstract

More and more companies are making use of Cloud Computing Services in order to reduce costs and to increase theflexibility of their IT infrastructures. Currently, the focus is shifting towards problems of risk and compliance which includeas well the realm of Cloud Computing security. For instance, since the storage locations of data may shift or remain unknownto the user, the problem of the applicable jurisdiction arises and impede the adoption and management of Cloud ComputingServices. Therefore, companies need new methods to avoid being fined for compliance violations, to manage risk factors aswell as to manage processes and decision rights. This paper presents a reference model that serves to support companies inmanaging and reducing risk and compliance efforts. We developed the model on the solid basis of a systematic literaturereview and practical requirements by analyzing Cloud Computing Service offers.

Recommended Citation

Martens, Benedikt and Teuteberg, Frank, "Risk and Compliance Management for Cloud Computing Services: Designing a Reference Model" (2011). AMCIS 2011 Proceedings - All Submissions. 228.
https://aisel.aisnet.org/amcis2011_submissions/228