Contents 1.Introduction...................................................................................................................................2 2.Risks Identification........................................................................................................................2 3.Risks Strategy................................................................................................................................4 Conceptual Framework:.....................................................................................................................4 Process of risk management strategy.................................................................................................5 4.Risks evaluation and Assessment..................................................................................................7 5.Risks Mitigation plan.....................................................................................................................8 6.Discussion...................................................................................................................................11 7.Conclusion...................................................................................................................................12 8.References:..................................................................................................................................12
Title: Risk assessment and risk management strategy associated with cloud infrastructure 1.Introduction Every organization is looking forward to transform their traditional business tactics with the ICT technology. The Cloud computing technology is the emerging trend for developing digitization in the organization. The platform of cloud computing provides new innovation, scalability, flexibility, reliability, of information for improving the working tactics of the enterprise. The advantages of using cloud computing technology are managing abstraction of resources, managing scalability and flexibility of the business process, improving instant provision mechanism for innovation, sharing of hardware, software, network resources, providing on-demand service, managing virtualization of the business processes and resources, and others. The cloud computing environment helps in managing effective relationship between different business units of the enterprise with the inclusion of software as a service model, infrastructure as a service model, and platform as a service model. With the increasing growth of digitization, the security is the major concern associated with the preservation of the confidential information of the organization. The identification and mitigation of the risks is the important part of the business process for achieving success in the undertaking project. In this paper, we are looking forward to analyse the risks identification and management of cloud computing infrastructure. 2.Risks Identification The adoption of cloud computing architecture helps in transforming traditional business tactics with the digital environment. The following table shows the risks identified which are associated with the cloud computing infrastructure: Risks IdentificationDescription Security associated with physical assets The hardware, software, and network resources uploaded on the cloud platform are associated with the security risks. The third party can get unauthorised access of using the devices Identification security risks The user can get unauthorised access by using false identity
Security issues related with application management The third party can get unauthorised access of using the business applications. The security is the major concern associated with the application available on the cloud. Security issues related to Data confidentiality The security issues related with the data leakages of the confidential information. Lack of Data protection standard There are no specific standards developed for providing data protection mechanism to the information available on the cloud Open PlatformThe cloud technology is the open standard for sharing of information and data with the third party. Issues Related with Vendor Data lock in procedures The security concern associated with the API and database of the vendor information. There can be chance of risks associated with the data leakages of the confidential information of the vendor Licensing of the Software Some of the hardware devices do not have a license to use the uploaded software packages. The hardware requires license for using the effective software technology. Managing functionality of Enterprise services The functionality provided by the enterprise are not reliable, manageable, and other. Security issues with return on investment The costs can be reduced for internal IT operations. There is no clear provision for analysing the cost incurred on the cloud architecture included for the business operation Internet ConnectivityThe failure of the internet connectivity in the cloud environment will disrupt the working efficiency of the business environment equipped with the sharing of information, resources, and others among the participating unit which in turn directly affect the working capability and productivity of the enterprise. Legal Compliance and standard The cloud computing environment is associated with legal and statuary compliance requirement. The legal obligation should be resolved for effective deployment of cloud environment. Lack of Trust on the service providers It is difficult to comply trust on the cloud computing service providers for accessing the information from the cloud environment. Performance of the computing architecture The performance of the computing architecture can be affected by adopting the policies of cloud computing environment Business ContinuityThe processing of the business unit will be continued until the
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
programavailability of the resources and internet connectivity. The failure of the internet connectivity in the cloud environment will disrupt the working efficiency of the business environment equipped with the sharing of information, resources, and others among the participating unit which in turn directly affect the working capability and productivity of the enterprise. 3.Risks Strategy The adoption of the business tactic to the cloud environment requires readiness for the new working environment to reduce the occurrence of risks associated with the change in organization culture. The migration to the cloud infrastructure requires the analysis of the risks associated with it. The next step is to develop a strategy for coping up with the risks determined with the working of the cloud environment so as to minimize the impact of the associated risks. The conceptual framework should be developed for analysing the efficiency of the risks management plan. Conceptual Framework: The conceptual framework should be developed for analysing the efficiency of the risks management plan. The management of the risks can be identified by focusing on the risks, migration policies, and control. The application of the cloud computing environment should aligns with the goal and mission of the organization (Zolghadri, and Vahdani, 2015). The identified risks should be provided priority for resolution. It helps in controlling the impact of the risks associated with the business risks. The migration to the cloud platform is indulged with effective decision risks. The deployment of the conceptual model helps in analysing the facts associated with the concern area of improvement. The following figure shows the conceptual model and framework required for risk identification and management.
The aligning and the linking of the risks identification and mitigation program helps in developing effective risk management framework conceptual model. The analysis of the model helps in reducing the risks associated with the cloud computing adoption in the business working platform. Process of risk management strategy The following table shows the clear analysis of the risk strategy which is undertaken for minimizing the risks associated with the adoption of cloud infrastructure in the business organization. Phases of the risk management strategy Description Initialization of the risks identification The process should be undertaken to analyse the risk associated with the adoption of the cloud environment and analysis of the areas which requires improvement in the organization infrastructure (Morris, 2016) Development of the migration policies Analysis of the business value in terms of profit, goal, mission, and competitive advantage Analysis of the organizational functional program It helps in defining the internal and external communication between business units. It focuses on managing resources and hardware and software equipment
among the participating units for increasing the efficiency and productivity of the enterprise (Fan, Chang, and Kao, 2012) Managing data and information confidentiality The unauthorised accessing of the information and data should be eliminated so that it helps in minimizing the loss of data confidentiality. The data leakages should be prevented for preventing the premises from the malicious attack of the third party. IntegrityThe migration to the cloud platform should remain integrated with the organization function for achieving the enterprise mission and goal (Vasvari, 2015). Information availabilityThe on-time delivery of the information helps in increasing the functionality of the business forum. The accuracy of the information should be checked for managing the quality of service delivery to the customers (MITRE, 2012) TransparencyThe virtualization of the business process and security program helps in maintaining the transparency in the security assessment of the cloud service platform. Categorisation of the risksThe risks identified should be categorised into business risks organization risks and technical risks Mitigation and controlling planIdentify the areas which requires the deployment of cloud infrastructure Impact of cloud adoption on the business premises (Drissi, Houmani, and Medromi, 2013) Setting priorities to the associated risk It helps in managing the risks associated with the cloud transformation
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4.Risks evaluation and Assessment The evaluation of the risks can be effectively done with the setting of priorities and severity on the identified risks (Fan and Chen, 2012). The criteria used for risk likelihood and probability is as follows CriteriaRisk LikelihoodRisk Severity 4Very highly Probable Very High 3Highly ProbableHigh 2Medium ProbableMedium 1Low ProbableLow The following table shows the allocation of the likelihood and severity to analyse the ranking of the risks. Risk IdentifiedRisk Likelihood Risks Severity Risk Rank Ranking Security associated with physical assets 437High Identification security risks 224Medium Security issues related with application management 347High Security issues related to Data confidentiality 415Medium Lack of Data protection standard 426High Open Platform112Low Issues Related with Vendor Data lock in procedures 235Medium Licensing of the Software347High Managing functionality of213Low
Enterprise services Security issues with return on investment 426High Internet Connectivity314Medium Legal Compliance and standard 448High Lack of Trust on the service providers 235Medium Performance of the computing architecture 123Low Business Continuity program 235Medium 5.Risks Mitigation plan The development of the risk mitigation plan is the important step of the risks management process. It helps in minimizing the impact of risks on business premises associated with the end product of the project lifecycle program (DJemame, Armstrong, Guitart, and Macias, 2011). The following table shows the risks mitigation program associated with the risks identified: Risks IdentifiedImpactRisks Management Security associated with physical assets Impact on organization infrastructure The cryptographic procedures, encryption techniques, hash value algorithms, and firewall protection mechanism should be employed for preserving the physical premises of the enterprise which is looking forward for cloud adoption (Curits and Carey, 2013) Identification security risks Impact on business value in terms of profit, goal, mission, and competitive advantage Risk identification tools should be used for analysing error prone area of the business premises.
Security issues related with application management Impact on defining the internal and external communication between business units It focuses on managing resources and hardware and software equipment among the participating units for increasing the efficiency and productivity of the enterprise The login credentials should be provided to the internal and external user for initializing the authorised accessing of the information. It helps in eliminating the chance of unauthorised accessing of information from the third party Security issues related to Data confidentiality Impact on data confidentiality The confidentiality of the data can be preserved by managing the authorised access of information between internal and external partners Lack of Data protection standard Impact on integration with the organization function for achieving the enterprise mission and goal. The new policies and framework should be developed based on encryption methods and hash value algorithm Open PlatformImpact on accuracy of the information for managing the quality of service delivery to the customers The login credentials should be provided to the internal and external user for initializing the authorised accessing of the information. It helps in eliminating the chance of unauthorised accessing of information from the third party Issues Related with Vendor Data lock in procedures Impact on security program helps in maintaining the transparency in the security assessment of the cloud service platform. The information should be stored on the cloud platform in the Cipher text for managing transparency in the data flow Licensing of theImpact on assessing theThe software license should be
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Softwaresoftware and applicationtaken for using the application in the cloud platform of the organization Managing functionality of Enterprise services Impact on business premisesFirewall protection helps in minimizing the occurrence of malware which results in effective functionality of the enterprise services Security issues with return on investment It helps in managing the risks associated with the cloud transformation (Brender, and Markov, (2013) The database should be managed for analysing the cost incurred on using the cloud services. Internet ConnectivityImpact on continuity of the business plan The failure of the internet connectivity in the cloud environment will disrupt the working efficiency of the business environment equipped with the sharing of information, resources, and others among the participating unit which in turn directly affect the working capability and productivity of the enterprise (Befeki, Epstein, Yuthas, 2015). The high broad band connectivity should be used for managing the continuity of the business services Legal Compliance and standard Impact on legal and statuary compliance requirement. The legal issues of the organization should be proactively resolved by developing good and healthy relationship with the
government agencies (Harvett, 2016) Lack of Trust on the service providers Impact on accessing the information from the cloud environment. The services provided the service providers helps in developing trust Performance of the computing architecture Impact on performance of the computing architecture can be affected by adopting the policies of cloud computing environment Firewall protection helps in minimizing the occurrence of malware which results in effective functionality of the enterprise services (Fito and Guitart, 2015) Business Continuity program Impact on availability of the resources and internet connectivity. The cryptographic procedures, encryption techniques, hash value algorithms, and firewall protection mechanism should be employed for preserving the physical premises of the enterprise 6.Discussion The development of the risks identification, evaluation, assessment, and mitigation strategies helps in effective deployment of the cloud infrastructure in the business premises which in turn helps in business continuity service plan (Alosaimi, and Alnuem, 2016). The proactive risks management procedures help in minimizing the interruption which occurs in project development life cycle. The analysis of the risks helps in providing quality service to the customers and organization staff members which directly helps in increasing the return on investment of the enterprise. The sustainability of the business plan can be achieved by managing the proactive risks management policies and associated countermeasures. The identification and mitigation of the risks is the important part of the business process for transforming their traditional business tactics with the cloud environment. The evaluation of the risks can be effectively done with the setting of priorities and severity on the identified risks which helps in developing associated risks management policies and countermeasures to minimize their impact on the business premises.
7.Conclusion The cloud computing infrastructure is suitable for managing the business process,, allocation of the resources, sharing of information and data, and others to manage the business continuity plan for achieving sustainability. The aligning and the linking of the risks identification and mitigation program helps in developing effective risk management framework conceptual model. The analysis of the risks management program helps in reducing the risks associated with the cloud computing adoption in the business working platform. The cryptographic procedures, encryption techniques, hash value algorithms, and firewall protection mechanism should be employed for preserving the physical premises of the enterprise which is looking forward for cloud adoption. 8.References: Alosaimi, R., and Alnuem, M. (2016).Risks management framework for cloud computing: A Critical Review.International journal of computer science and information technology, 8(4).Retrieved fromhttp://aircconline.com/ijcsit/V8N4/8416ijcsit01.pdf Befeki, T., Epstein, M., Yuthas, K. (2015).Managing opportunities and risks. 1sted. Retrieved from http://www.cimaglobal.com/Documents/ImportedDocuments/cid_mag_managing_op portunities_and_risk_march08.pdf.pdf Brender, N. and Markov, I. (2013).Risks perception and risk management in loud computing. 1sted. Retrieved from https://hesso.tind.io/record/473/files/Brender_Markov_2013_risk_perception.pdf Curits, P. and Carey, M. (2013).Risks assessment in practice. 1sted. Retrieved from https://www2.deloitte.com/content/dam/Deloitte/global/Documents/Governance- Risk-Compliance/dttl-grc-riskassessmentinpractice.pdf DJemame, K., Armstrong, D., Guitart, J., and Macias, M. (2011).A Risks assessment framework for cloud computing. 1sted. Retrieved from http://eprints.whiterose.ac.uk/95981/1/noheader.pdf
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Drissi, S., Houmani, H., and Medromi, H. (2013).Survey risks assessment for cloud computing. 1sted. Retrieved from https://thesai.org/Downloads/Volume4No12/Paper_21- Survey_Risk_Assessment_for_Cloud_Computing.pdf Fan, C. and Chen, T. (2012).The risks management strategy of applying cloud computing. International Journal of advanced computer science and application, 3(9). Retrieved from https://pdfs.semanticscholar.org/b54e/589636f93aaa6142118bb173507118f488df.pdf Fan, C., Chang, C., and Kao, T. (2012).Risks management strategy for the use of cloud computing. 1sted. Retrieved from http://www.mecs-press.org/ijcnis/ijcnis-v4-n12/IJCNIS-V4-N12-5.pdf Fito, J., and Guitart, J. (2015).Introducing risks management into cloud computing. 1sted. Retrieved fromhttp://citeseerx.ist.psu.edu/viewdoc/download? doi=10.1.1.845.7466&rep=rep1&type=pdf Harvett, C. (2013).A study of uncertainty and risks management practice relative to perceived project complexity. 1sted. Retrieved fromhttps://epublications.bond.edu.au/cgi/viewcontent.cgi?referer=https:// www.google.com/&httpsredir=1&article=1122&context=theses MITRE. (2012).Risks impact assessment and prioritization. 1sted. Retrieved from https://www.mitre.org/publications/systems-engineering-guide/acquisition-systems- engineering/risk-management/risk-impact-assessment-and-prioritization Morris, J. (2016).Risks Evaluation rule. 1sted. Retrieved from https://www.epa.gov/sites/production/files/2016-08/documents/risk_evaluation_9_au gust_2016.pdf Vasvari, T. (2015).Risks, Risk Perception, Risk Management- A review of the literature. 1st ed. Retrieved fromhttps://www.asz.hu/storage/files/files/public-finance-quarterly- articles/2015/a_vasvarir_2015_1.pdf Zolghadri, M., and Vahdani, B (2015).Identify and priotize the factors influencing project risks. 1sted. Retrieved from https://pdfs.semanticscholar.org/a1d0/940bb776f610d03a5218c3fc861920159cb9.pdf