Risk Assessment for Aztek Financial's Cloud Transition
VerifiedAdded on 2020/03/28
|19
|5174
|378
Report
AI Summary
This report presents a comprehensive risk assessment plan for Aztek Financial Services, an Australian financial services company, as it transitions to a cloud-based environment. The plan meticulously outlines potential risks, including data security breaches, loss of control, and compliance issues, while also providing detailed mitigation strategies. The report explores the merits of cloud computing, such as cost reduction and scalability, and addresses security concerns with best practices for financial institutions. It also analyzes the regulatory landscape, including ASIC and other governing bodies, and emphasizes the importance of compliance. The assessment covers various aspects, including lock-in risks, and offers insights into data security within cloud environments. The plan is designed to help Aztek Financial Services navigate the complexities of cloud adoption, ensuring the protection of customer data and maintaining regulatory compliance within the financial sector.
Risk Assessment Plan
A risk assessment plan for Aztek Financial Services
A risk assessment plan for Aztek Financial Services
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Risk Assessment Plan
Contents
Executive Summary...............................................................................................................................3
Cloud computing and its applications in the financial domain..............................................................3
Merits of cloud computing....................................................................................................................4
The security concerns are answered.................................................................................................4
Minimal costs and risks......................................................................................................................5
Scope of development.......................................................................................................................5
Why to adopt a cloud hosting solution for the financial services sector?.............................................5
Compliance and other regulatory bodies..............................................................................................7
Best Practices in Cloud Computing........................................................................................................8
Risk Assessment of Aztek while shifting towards a cloud based environment....................................10
Lock In.............................................................................................................................................11
Loss of Control.................................................................................................................................13
Compliance risks..............................................................................................................................14
Risk assessment table and mitigation plans........................................................................................15
Cloud Computing and its impact on Aztek...........................................................................................16
Data security risks in cloud computing................................................................................................17
References...........................................................................................................................................18
Page 2
Contents
Executive Summary...............................................................................................................................3
Cloud computing and its applications in the financial domain..............................................................3
Merits of cloud computing....................................................................................................................4
The security concerns are answered.................................................................................................4
Minimal costs and risks......................................................................................................................5
Scope of development.......................................................................................................................5
Why to adopt a cloud hosting solution for the financial services sector?.............................................5
Compliance and other regulatory bodies..............................................................................................7
Best Practices in Cloud Computing........................................................................................................8
Risk Assessment of Aztek while shifting towards a cloud based environment....................................10
Lock In.............................................................................................................................................11
Loss of Control.................................................................................................................................13
Compliance risks..............................................................................................................................14
Risk assessment table and mitigation plans........................................................................................15
Cloud Computing and its impact on Aztek...........................................................................................16
Data security risks in cloud computing................................................................................................17
References...........................................................................................................................................18
Page 2
Risk Assessment Plan
Executive Summary
Aztek financial Services is a company that operates in the financial services sector in
Australia for the past 25 years. The management has recently made a decision to shift its
business critical operations to a cloud based environment. But being in the financial domain,
the company feels the decision has to be scrutinized and studied well before deciding to make
such a crucial transition. The company has decided to make a detailed Risk Assessment plan
that lists out all the possible risks and threats in a detailed and sequential manner. The risk
assessment plan also gives insights into the mitigation plans for each of these risks,
illustrating how these potential risks could be bypassed or avoided in the first place. As Aztek
has created its identity as one of the leading companies and a brand that could be trusted on
with its enduring presence in the financial domain, the management takes it as their prime
responsibility to preserve and safeguard their customer’s information and private data.
Cloud computing and its applications in the financial domain
Cloud Computing could be defined as the process of providing certain technological features
such as high capacity data storage, contemporary software, massive databases and servers,
complex networks and data analytic tools to end users (Armbrust et.al, 2008). Cloud
computing services are provided by companies which are termed as “cloud providers”. These
services provide an economic way for companies like Aztek in availing vital technological
tools, as they are billed for only the services being provided to them. Cloud computing could
also be used to host extensive and unceasing access of a shared collection of resources for the
end users. These shared resources are made available to the users by the help of the internet.
The advantage for the customer in using the public cloud is the ability to access new features
and functionalities of state-of-the-art tools and services that may not be availed otherwise.
Page 3
Executive Summary
Aztek financial Services is a company that operates in the financial services sector in
Australia for the past 25 years. The management has recently made a decision to shift its
business critical operations to a cloud based environment. But being in the financial domain,
the company feels the decision has to be scrutinized and studied well before deciding to make
such a crucial transition. The company has decided to make a detailed Risk Assessment plan
that lists out all the possible risks and threats in a detailed and sequential manner. The risk
assessment plan also gives insights into the mitigation plans for each of these risks,
illustrating how these potential risks could be bypassed or avoided in the first place. As Aztek
has created its identity as one of the leading companies and a brand that could be trusted on
with its enduring presence in the financial domain, the management takes it as their prime
responsibility to preserve and safeguard their customer’s information and private data.
Cloud computing and its applications in the financial domain
Cloud Computing could be defined as the process of providing certain technological features
such as high capacity data storage, contemporary software, massive databases and servers,
complex networks and data analytic tools to end users (Armbrust et.al, 2008). Cloud
computing services are provided by companies which are termed as “cloud providers”. These
services provide an economic way for companies like Aztek in availing vital technological
tools, as they are billed for only the services being provided to them. Cloud computing could
also be used to host extensive and unceasing access of a shared collection of resources for the
end users. These shared resources are made available to the users by the help of the internet.
The advantage for the customer in using the public cloud is the ability to access new features
and functionalities of state-of-the-art tools and services that may not be availed otherwise.
Page 3
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Risk Assessment Plan
The services offered by the cloud can be accessed in a ceaseless way, without spending a
considerable amount on expensive, state of the art hardware, software or other services (Qian
et.al, 2009). There are few other reasons why companies like Aztek decide to migrate
towards a cloud environment. The expectation that Aztek had while shifting their business
critical application and data sources to a cloud based system was that they could gain access
to the infinite volume of data that could be availed with no extra effort or budget on
maintenance. The ease of use was also crucial in taking the decision for the migration to the
cloud based architecture. The speed and bandwidth of a high speed internet connection was
considered as the only decisive factor in getting the advantages out of a cloud service. Like
most other big corporate companies that serve its customers in the financial sector, Aztek also
plans to shift its operations from a dormant working atmosphere based at the office to a ‘work
on the move’ model. This shift would have been the major driving force in the management’s
decision to migrate its critical applications to an external Cloud based solution. Since Aztek
runs its business in a Customer Relationship Management application, it is highly necessary
that the users have access to the software and its major functionalities available to them
consistently, without any fail. This also happened to be another major influencing factor for
the management to take the decision to shift its operations to a cloud hosting service.
Merits of cloud computing
The security concerns are answered.
Cloud service providers for companies in the financial domain have stringent policies on
security issues and make it their prime obligation. The service providers have modern
technologies built into the cloud resources that are capable of fighting security breaches and
attacks by viruses, malware and other spam (Zhang et.al, 2010). The CSP’s also provide
Page 4
The services offered by the cloud can be accessed in a ceaseless way, without spending a
considerable amount on expensive, state of the art hardware, software or other services (Qian
et.al, 2009). There are few other reasons why companies like Aztek decide to migrate
towards a cloud environment. The expectation that Aztek had while shifting their business
critical application and data sources to a cloud based system was that they could gain access
to the infinite volume of data that could be availed with no extra effort or budget on
maintenance. The ease of use was also crucial in taking the decision for the migration to the
cloud based architecture. The speed and bandwidth of a high speed internet connection was
considered as the only decisive factor in getting the advantages out of a cloud service. Like
most other big corporate companies that serve its customers in the financial sector, Aztek also
plans to shift its operations from a dormant working atmosphere based at the office to a ‘work
on the move’ model. This shift would have been the major driving force in the management’s
decision to migrate its critical applications to an external Cloud based solution. Since Aztek
runs its business in a Customer Relationship Management application, it is highly necessary
that the users have access to the software and its major functionalities available to them
consistently, without any fail. This also happened to be another major influencing factor for
the management to take the decision to shift its operations to a cloud hosting service.
Merits of cloud computing
The security concerns are answered.
Cloud service providers for companies in the financial domain have stringent policies on
security issues and make it their prime obligation. The service providers have modern
technologies built into the cloud resources that are capable of fighting security breaches and
attacks by viruses, malware and other spam (Zhang et.al, 2010). The CSP’s also provide
Page 4
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Risk Assessment Plan
state-of-the-art mechanisms to protect the data and secure them by having efficient backup
means.
Minimal costs and risks
By migrating to cloud based architecture, Aztek plans to reduce the costs involved in having
extra hardware for storing data and business critical technological services. The costs and
risks involved in maintaining such a huge repository of hardware could be avoided if the
cloud based architecture is adopted (Hayes, 2008).
Scope of development
The scope of development and expansion would be more if cloud based architecture is
adopted. As technology and Information technology innovations are making rapid changes, it
is well advised to shift over to the cloud as the company does not have to research or invest
on the technological updates and breakthrough designs in hardware (Subashini and Kavitha,
2011).
Why to adopt a cloud hosting solution for the financial services sector?
The financial service sector has always been dynamic in nature, and one that modifies and
adapts itself quickly to the changes in the economy. The companies in the financial sector
have to stay up to date in technologies mandatorily, that would help them stay ahead of the
competitors. Along with these technologies, these companies have to use other state of the art
solutions also to serve the customers in a better fashion. It requires a lot of planning and
forecasting in the part of the executives and managers of Aztek to stay ahead of its
competitors. The major reason for these financial companies in adopting a cloud hosting
Page 5
state-of-the-art mechanisms to protect the data and secure them by having efficient backup
means.
Minimal costs and risks
By migrating to cloud based architecture, Aztek plans to reduce the costs involved in having
extra hardware for storing data and business critical technological services. The costs and
risks involved in maintaining such a huge repository of hardware could be avoided if the
cloud based architecture is adopted (Hayes, 2008).
Scope of development
The scope of development and expansion would be more if cloud based architecture is
adopted. As technology and Information technology innovations are making rapid changes, it
is well advised to shift over to the cloud as the company does not have to research or invest
on the technological updates and breakthrough designs in hardware (Subashini and Kavitha,
2011).
Why to adopt a cloud hosting solution for the financial services sector?
The financial service sector has always been dynamic in nature, and one that modifies and
adapts itself quickly to the changes in the economy. The companies in the financial sector
have to stay up to date in technologies mandatorily, that would help them stay ahead of the
competitors. Along with these technologies, these companies have to use other state of the art
solutions also to serve the customers in a better fashion. It requires a lot of planning and
forecasting in the part of the executives and managers of Aztek to stay ahead of its
competitors. The major reason for these financial companies in adopting a cloud hosting
Page 5
Risk Assessment Plan
solution was for revamping and upgrading the business process to meet the growing demand
of an ever dynamic economic environment. Cloud computing also helps in better collusion
for the clients by allowing constant and ceaseless data access mechanisms (Catteddu, 2010).
There is also an increasing demand from the stake holders of companies in the financial
domain for better returns of investments. The customers also demand for better services from
companies in a cost effective manner. This has forced a lot of businesses like that of Aztek to
concentrate on a new model that accommodates and incorporates modern technological tools
that are designated to satisfy the needs of the customer. Companies in the financial domain
like those of banks or insurance companies find it necessary to advance their operations
further and become more customer-centric by catering to the needs of the customer in a more
cost effective manner.
The major transition that is expected to happen on companies in the financial sector once they
adopt cloud services is the digitizing of trading. Apart from this it is also expected that a
better management of wealth and assets, and an improved customer relationship can be
attained by utilizing the full facilities offered by adopting the cloud services (Rimal et.al,
2009). Inspite of the various advantages that has been listed out, there has been a certain level
of scepticism for the directors of Aztek, just like few other companies around Australia, in
the financial domain, to make a complete change and adopt themselves to a cloud based
environment. Being in the financial sector, a major cause of concern for Azteks management
before the full transition was planned, was to be aware of the industry regulations and the
compliance procedures. Being in the financial domain, Aztek’s management had to take into
consideration the high level of risks and the strict compliance procedures, according to the
government norms and procedures. Since the adoption of the new technology could put the
compliance procedures at risk, companies including Aztek seemed to be hesitant at the start,
to adopt the cloud technology completely.
Page 6
solution was for revamping and upgrading the business process to meet the growing demand
of an ever dynamic economic environment. Cloud computing also helps in better collusion
for the clients by allowing constant and ceaseless data access mechanisms (Catteddu, 2010).
There is also an increasing demand from the stake holders of companies in the financial
domain for better returns of investments. The customers also demand for better services from
companies in a cost effective manner. This has forced a lot of businesses like that of Aztek to
concentrate on a new model that accommodates and incorporates modern technological tools
that are designated to satisfy the needs of the customer. Companies in the financial domain
like those of banks or insurance companies find it necessary to advance their operations
further and become more customer-centric by catering to the needs of the customer in a more
cost effective manner.
The major transition that is expected to happen on companies in the financial sector once they
adopt cloud services is the digitizing of trading. Apart from this it is also expected that a
better management of wealth and assets, and an improved customer relationship can be
attained by utilizing the full facilities offered by adopting the cloud services (Rimal et.al,
2009). Inspite of the various advantages that has been listed out, there has been a certain level
of scepticism for the directors of Aztek, just like few other companies around Australia, in
the financial domain, to make a complete change and adopt themselves to a cloud based
environment. Being in the financial sector, a major cause of concern for Azteks management
before the full transition was planned, was to be aware of the industry regulations and the
compliance procedures. Being in the financial domain, Aztek’s management had to take into
consideration the high level of risks and the strict compliance procedures, according to the
government norms and procedures. Since the adoption of the new technology could put the
compliance procedures at risk, companies including Aztek seemed to be hesitant at the start,
to adopt the cloud technology completely.
Page 6
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Risk Assessment Plan
Compliance and other regulatory bodies
The major regulatory authorities for the companies in Australia regarding financial issues are
the Australian Securities and Investments Commission (ASIC). The ASIC is responsible for
setting forth certain rules and regulations that are intended for protecting the rights of the
customer and ensure that the shareholders does not suffer if the company fails to perform
according to the expectations. Similarly other governing authorities like the Australian
Prudential Regulatory Authority and the Australian Securities Exchange also puts forward a
few compliance standards for companies regarding the financial transactions and activities
within the country. The Australian Government Information Technology Security Manual
(ACSI) is another governing body that pertains to the compliance procedures that are to be
followed regarding the Information and Communication technology (ICT) procedures within
the country (Ferris and Riveros, 2009). Freedom of Information Act that was passed in 1982
and the Archives Act passed in 1983 also deals with the regulatory norms of Information
Technology related norms within the country. The strict compliance procedures put forth by
these regulatory bodies and few other rules that pertain to the Information technology
procedures were always a stumbling block in the minds of companies in the financial domain
to adopt new technologies. The same could be told about Aztek too.
Following these scepticism and indecision in the parts of companies like Aztek in the
financial domain, the onus was on the government’s part to make it clear that there was no
major reason why companies in the financial could not adopt the cloud based technology
services as long as it did not violate any compliance standards.
Page 7
Compliance and other regulatory bodies
The major regulatory authorities for the companies in Australia regarding financial issues are
the Australian Securities and Investments Commission (ASIC). The ASIC is responsible for
setting forth certain rules and regulations that are intended for protecting the rights of the
customer and ensure that the shareholders does not suffer if the company fails to perform
according to the expectations. Similarly other governing authorities like the Australian
Prudential Regulatory Authority and the Australian Securities Exchange also puts forward a
few compliance standards for companies regarding the financial transactions and activities
within the country. The Australian Government Information Technology Security Manual
(ACSI) is another governing body that pertains to the compliance procedures that are to be
followed regarding the Information and Communication technology (ICT) procedures within
the country (Ferris and Riveros, 2009). Freedom of Information Act that was passed in 1982
and the Archives Act passed in 1983 also deals with the regulatory norms of Information
Technology related norms within the country. The strict compliance procedures put forth by
these regulatory bodies and few other rules that pertain to the Information technology
procedures were always a stumbling block in the minds of companies in the financial domain
to adopt new technologies. The same could be told about Aztek too.
Following these scepticism and indecision in the parts of companies like Aztek in the
financial domain, the onus was on the government’s part to make it clear that there was no
major reason why companies in the financial could not adopt the cloud based technology
services as long as it did not violate any compliance standards.
Page 7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Risk Assessment Plan
Best Practices in Cloud Computing
Though there are innumerable benefits of Cloud Computing which have been already pointed
out and discussed, security issues are always a glaring factor for companies who decide to
avail the cloud computing facilities. Since cloud computing revolves around the data saved in
the internet, there are always chances of a security breach, or the data being tampered by an
unauthorized entity (Beard, 2008). A few best practices adopted by cloud computing
strategists help in bypassing these security issues and enable the IT personnel to come up
with a model that would provide secure data transmission. Any company in the financial
domain which decides to adopt the cloud computing services could follow these best
practices to overcome the security issues.
Gain timely and contemporary information about the security issues in cloud
computing and be aware of the methods to overcome these issues.
As cloud computing hosts its information in the internet and transmits its services in
cyberspace, security issues cannot be ignored. The risks of data being hacked are very
much relevant and it can be avoided only by being well informed about the contemporary
issues of security in a cloud based environment.
Provide a mechanism for backing up the data and files in the cloud.
When data and files are being stored in the cloud, it would always be recommended to
have a backup mechanism in case of a disruption or a failure. Since the cloud computing
mechanism is completely dependent on external entities such as the internet, power
supply and back up, a mishap in any of these resources should not affect the progress of
the project to any extent (Varia, 2011). A caching mechanism for storing the data and
Page 8
Best Practices in Cloud Computing
Though there are innumerable benefits of Cloud Computing which have been already pointed
out and discussed, security issues are always a glaring factor for companies who decide to
avail the cloud computing facilities. Since cloud computing revolves around the data saved in
the internet, there are always chances of a security breach, or the data being tampered by an
unauthorized entity (Beard, 2008). A few best practices adopted by cloud computing
strategists help in bypassing these security issues and enable the IT personnel to come up
with a model that would provide secure data transmission. Any company in the financial
domain which decides to adopt the cloud computing services could follow these best
practices to overcome the security issues.
Gain timely and contemporary information about the security issues in cloud
computing and be aware of the methods to overcome these issues.
As cloud computing hosts its information in the internet and transmits its services in
cyberspace, security issues cannot be ignored. The risks of data being hacked are very
much relevant and it can be avoided only by being well informed about the contemporary
issues of security in a cloud based environment.
Provide a mechanism for backing up the data and files in the cloud.
When data and files are being stored in the cloud, it would always be recommended to
have a backup mechanism in case of a disruption or a failure. Since the cloud computing
mechanism is completely dependent on external entities such as the internet, power
supply and back up, a mishap in any of these resources should not affect the progress of
the project to any extent (Varia, 2011). A caching mechanism for storing the data and
Page 8
Risk Assessment Plan
files would be a practical solution in such a scenario to provide a ceaseless and
uninterrupted running of the business.
Realizing the risk factors in storing data in cloud service providers
Though security is one the main features that is being concentrated on in the cloud
computing technology nowadays, there is an inherent risk of data being lost if a major
interruption occurs. Understanding the risk elements in accessing data and services from
the cloud helps in assessing alternative options for securing and backing up the critical
data.
Being aware of the changes and new technological updates
Companies like Aztek should focus on the technological modifications and changes in the
protocols that the cloud service provider undergoes once the service is offered. There
should be a dedicated communication channel within the organization to have the relevant
information passed on about the changes that are carried out by the cloud service
provider.
Have a clear segregation of the data and the services that are being accessed from
the cloud
There should be a clear understanding of the data and the services that are being provided
by the cloud service. Maintaining a clear segregation about the data and the services that
are being stored and accessed in house, from the ones that are being accessed from the
cloud helps in keeping record of the data that has to be accessed from the backup sources
in case of a security breach (Menken, 2008).
Page 9
files would be a practical solution in such a scenario to provide a ceaseless and
uninterrupted running of the business.
Realizing the risk factors in storing data in cloud service providers
Though security is one the main features that is being concentrated on in the cloud
computing technology nowadays, there is an inherent risk of data being lost if a major
interruption occurs. Understanding the risk elements in accessing data and services from
the cloud helps in assessing alternative options for securing and backing up the critical
data.
Being aware of the changes and new technological updates
Companies like Aztek should focus on the technological modifications and changes in the
protocols that the cloud service provider undergoes once the service is offered. There
should be a dedicated communication channel within the organization to have the relevant
information passed on about the changes that are carried out by the cloud service
provider.
Have a clear segregation of the data and the services that are being accessed from
the cloud
There should be a clear understanding of the data and the services that are being provided
by the cloud service. Maintaining a clear segregation about the data and the services that
are being stored and accessed in house, from the ones that are being accessed from the
cloud helps in keeping record of the data that has to be accessed from the backup sources
in case of a security breach (Menken, 2008).
Page 9
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Risk Assessment Plan
Risk Assessment of Aztek while shifting towards a cloud based environment.
The Risk Assessment Plan discussed here intends to create a systematized way to perceive
and forecast the risks, evaluate and assess the risks, and determine mechanisms to counter the
possible risks. The document is intended to help the managers and the stake holders in
identifying the potential threats that Aztek may face during a business critical decision like
the transition of their technology to a cloud based environment. The risks that are analyzed
here evaluate the different reasons that restrict the decision making capabilities of the
management while migrating towards a cloud based environment. The Risk assessment plan
compares and quantifies the potential risks to the advantages and convenience which the
company may garner in terms of revenue and technological advancements. As discussed
earlier the adoption of a cloud based environment would not only increase the storage
capacity of their existing repositories for data storage but also increases intercommunication
and transmission capabilities and make these channels more effective (Mosher, 2011). While
preparing the risk assessment plan a comparison chart has been used to correlate the trade off
between the data saving methods. An analysis has been made to check whether saving the
business critical data and files in an in house storage is more convenient to a storage
mechanism in the cloud servers. The risks being analyzed in the plan pertains to the
operations within Aztek and not the cloud provider. But a certain number of risks that are
being analyzed in the document could be transferred to the capabilities of the cloud provider
and could be considered as the benefits drawn out of the cost spent on availing the cloud
services. But the risk assessment plan does not guarantee a relief for other serious calamities
in the business such as an unexpected loss or other serious judicial issues.
Page 10
Risk Assessment of Aztek while shifting towards a cloud based environment.
The Risk Assessment Plan discussed here intends to create a systematized way to perceive
and forecast the risks, evaluate and assess the risks, and determine mechanisms to counter the
possible risks. The document is intended to help the managers and the stake holders in
identifying the potential threats that Aztek may face during a business critical decision like
the transition of their technology to a cloud based environment. The risks that are analyzed
here evaluate the different reasons that restrict the decision making capabilities of the
management while migrating towards a cloud based environment. The Risk assessment plan
compares and quantifies the potential risks to the advantages and convenience which the
company may garner in terms of revenue and technological advancements. As discussed
earlier the adoption of a cloud based environment would not only increase the storage
capacity of their existing repositories for data storage but also increases intercommunication
and transmission capabilities and make these channels more effective (Mosher, 2011). While
preparing the risk assessment plan a comparison chart has been used to correlate the trade off
between the data saving methods. An analysis has been made to check whether saving the
business critical data and files in an in house storage is more convenient to a storage
mechanism in the cloud servers. The risks being analyzed in the plan pertains to the
operations within Aztek and not the cloud provider. But a certain number of risks that are
being analyzed in the document could be transferred to the capabilities of the cloud provider
and could be considered as the benefits drawn out of the cost spent on availing the cloud
services. But the risk assessment plan does not guarantee a relief for other serious calamities
in the business such as an unexpected loss or other serious judicial issues.
Page 10
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Risk Assessment Plan
As a part of a survey that was made by the major players in the financial sector, it was
identified that higher authorities of a company were most concerned about security threats in
the cloud computing architecture. The other major concern that followed the apprehension
about security threats were the compliance procedures that had to be adhered to. These
compliance procedures are legal statutes set forth by the government while adopting certain
Information and technology tools and services adopted by companies (Tucker and Li, 2012).
The IT compliance standards are normally deemed to be intricate in nature and requires an in
depth analysis before deciding to start any project or an undertaking that is new. The third
prevalent concern for the administration was the security breach notification. These are laws
that safeguard the privacy of a customer while using personal or private data. These laws
enforce a company to notify and take remedial measures if a breach in data security occurs.
In the modern digitized world, data breach is considered as a serious offence and requires
prompt remedial measures for rectifying them.
In the risk assessment plan all these issues are considered in a comprehensive and exhaustive
way before discussing on the corrective measures to counter these impending risks.
Lock In
One of the major risk that Aztek has to face while shifting its IT operations to an exclusively
cloud based technology is the lock in procedures followed by the cloud service providers. A
lock in is a procedure adopted by the cloud service provider to make the customer completely
bank on the services provided by them exclusively. The lock in strategy is adopted in most
cases so that customers such as Aztek would remain with the cloud service providers for a
long duration without shifting to other vendors fearing the mammoth charges involved in
such a migration. From the previous analysis and market studies, it has been inferred by the
IT executives and management in Aztek that a lock in can be a cumbersome process which is
Page 11
As a part of a survey that was made by the major players in the financial sector, it was
identified that higher authorities of a company were most concerned about security threats in
the cloud computing architecture. The other major concern that followed the apprehension
about security threats were the compliance procedures that had to be adhered to. These
compliance procedures are legal statutes set forth by the government while adopting certain
Information and technology tools and services adopted by companies (Tucker and Li, 2012).
The IT compliance standards are normally deemed to be intricate in nature and requires an in
depth analysis before deciding to start any project or an undertaking that is new. The third
prevalent concern for the administration was the security breach notification. These are laws
that safeguard the privacy of a customer while using personal or private data. These laws
enforce a company to notify and take remedial measures if a breach in data security occurs.
In the modern digitized world, data breach is considered as a serious offence and requires
prompt remedial measures for rectifying them.
In the risk assessment plan all these issues are considered in a comprehensive and exhaustive
way before discussing on the corrective measures to counter these impending risks.
Lock In
One of the major risk that Aztek has to face while shifting its IT operations to an exclusively
cloud based technology is the lock in procedures followed by the cloud service providers. A
lock in is a procedure adopted by the cloud service provider to make the customer completely
bank on the services provided by them exclusively. The lock in strategy is adopted in most
cases so that customers such as Aztek would remain with the cloud service providers for a
long duration without shifting to other vendors fearing the mammoth charges involved in
such a migration. From the previous analysis and market studies, it has been inferred by the
IT executives and management in Aztek that a lock in can be a cumbersome process which is
Page 11
Risk Assessment Plan
difficult to be disentangled from. As per the managements studies, it has been proved that
once a lock in happens, a further migration to a new service provider is almost completely
impractical and extortionate in terms of the costs involved (Leavitt, 2009). Is cloud
computing really ready for prime time. Growth, 27(5), pp.15-20.. Considering the impending
scenario of Aztek deciding to bypass the lock in restrictions provided by its current cloud
service provider and decides to change its data and service repositories to a new service
provider, there would be many operation and technological complications to be considered.
The major problem that would be faced by Aztek would be that all the data and related
service oriented statistical inputs should be transferred to an in house repository first. Once
the data has been moved to an in house repository, further measures could be taken to transfer
the information and data back to the new cloud service provider’s data repositories. This
would involve a lot shuffle and technological changes that would prove to be extremely
cumbersome.
While doing a risk assessment of the above problem, it could be inferred that by following
certain measures the impending risks could be countered effectively or prevented altogether.
By having an in depth analysis about the cloud service providers guidelines and
instructions about data migration procedures the management of Aztek can have an
estimate of the costs that would be involved in case of an impending lock in issue with
the vendor.
Have a prior enquiry about the procedures and methods that the cloud service provider
follows currently for its present customers. Scrutinize and evaluate the tools that are
being offered for the migration of data that happens in a large scale.
Page 12
difficult to be disentangled from. As per the managements studies, it has been proved that
once a lock in happens, a further migration to a new service provider is almost completely
impractical and extortionate in terms of the costs involved (Leavitt, 2009). Is cloud
computing really ready for prime time. Growth, 27(5), pp.15-20.. Considering the impending
scenario of Aztek deciding to bypass the lock in restrictions provided by its current cloud
service provider and decides to change its data and service repositories to a new service
provider, there would be many operation and technological complications to be considered.
The major problem that would be faced by Aztek would be that all the data and related
service oriented statistical inputs should be transferred to an in house repository first. Once
the data has been moved to an in house repository, further measures could be taken to transfer
the information and data back to the new cloud service provider’s data repositories. This
would involve a lot shuffle and technological changes that would prove to be extremely
cumbersome.
While doing a risk assessment of the above problem, it could be inferred that by following
certain measures the impending risks could be countered effectively or prevented altogether.
By having an in depth analysis about the cloud service providers guidelines and
instructions about data migration procedures the management of Aztek can have an
estimate of the costs that would be involved in case of an impending lock in issue with
the vendor.
Have a prior enquiry about the procedures and methods that the cloud service provider
follows currently for its present customers. Scrutinize and evaluate the tools that are
being offered for the migration of data that happens in a large scale.
Page 12
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 19
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.