Cloud Computing Resources for IT Service Architects

April 2011

NIST (U.S National Institute of Standards and Technology) Cloud Computing Security Working Group (NCC-SWG) publishes this page to consolidate concerns of cloud transformation due to the changes in control dynamics (both in terms of ownership and management).

 NIST Cloud Computing Collaboration Site

The group aims to to develop a security guidance based on standards and best practices for ensuring implementation of appropriate controls. Highly recommended resource for any IT Service / Security Architect considering cloud to source IT services.

Unifying IT Best Practice Frameworks and Standards within TOGAF

April 2011

All IT best practice frameworks and standards have a common goal; building and operating IT effectively and efficiently to add value to the business it drives and to maintain information assurance. An enterprise successfully applying best practice frameworks and standards will more likely have advantage against its competitors as it develops a clear IT strategy reflecting the requirements of its business strategy, makes effective and transparent investments, manages its performance, and acts in compliance with regulatory and contractual requirements.

There are various work groups and institutions compiling best practices and defining standards with similar motivations. It is sometimes confusing for an organization which framework or standard to follow and very often there is a need to align more than one standard or framework due to varying reasons, such as competitive, contractual or regulatory requirements. The dispersion of requirements across various organizational functions and the duplication of information contained within different frameworks may often cause distractions, lack of ownership and stakeholder commitment, and long running redundant efforts with fragmentation issues. Demonstrating the return of investment can also be challenging in many of these projects.