Implementing Risk Management Processes Into a Cloud Computing Environment

Implementing Risk Management Processes Into a Cloud Computing Environment

Samer Alhawari, Mufleh Amin AL Jarrah, Wa'el Hadi
DOI: 10.4018/978-1-5225-5481-3.ch043
(Individual Chapters)
No Current Special Offers


With the significant advances in Information and Communications Technology (ICT) over the last half a century, the Cloud computing paradigm is one of the most discussed topics in the field of ICT today. Additionally, Cloud computing has a critical role in today's business world. Without risk management processes embedded into innovative technology that supports Cloud computing, businesses are setting themselves up for a fall. Hence, in this paper, the authors propose a conceptual model of implementing risk management processes into a Cloud computing environment. It highlights the different processes of risk management (risk identification, risk analysis, risk planning, risk execution, and risk monitoring) and how their existence can affect the Cloud environment to ensure proper protection of data and information in order to ensure Cloud networks and connections are secure.
Chapter Preview

1. Introduction

Cloud computing involves the use of remote servers over the Internet to deliver on-demand access to information facilities. Additionally, Cloud computing has become an increasingly popular means of delivering precious Information Technology-assisted business services. In recent years, Al-Rousan (2015) explained that the Cloud computing model gives a new and promising vision regarding Information and Communications Technology (ICT). Additionally, Drissi et al. (2013) noted that the increase in the development of Cloud computing and the changes in technology have resulted in new ways for Cloud providers to deliver their services to Cloud consumers. A study by Sangwan and Rathi (2014) affirmed/acknowledged that the concept of Cloud computing refers to the building of IT services that use advanced computational influence and enhanced storage capabilities. Additionally, AlSudiar and Vasista (2013) described that Cloud computing is a new paradigm in the domain of IT development.

While numerous studies related to Cloud computing have been conducted such as (Badger et al. (2011)., Abiodun (2013)., Al Mourad and Hussain (2014)., AlSudiar and Vasista (2013)., and Sangwan and Rathi (2014)), there has been a definite lack of academic effort to address the issue of risk management processes (risk identification, risk analysis, risk planning, risk execution and risk control) in the Cloud computing service model and Cloud computing deployment model as an integrated model. Thus, this paper attempts to contribute to this field by addressing one of the concerns related to Cloud computing and by presenting a reliable technique of employing the risk management processes as an effective model in the Cloud computing service model and Cloud computing deployment model. In this paper, the problem focuses on the Cloud computing risks. The development of this paper was mainly motivated by the fact that there is no research paper that shows the impact of risk management processes on the Cloud computing service model and Cloud computing deployment model as an integrated model. Therefore, to fill this gap, this research has been conducted to address the idea. The aim of this paper therefore is to shed light on establishing the conceptual model and discussing the current trends in the space of Cloud computing. Also, Cloud computing has the ability to reduce the cost of any computing execution and convey the computing as a service, where the customers pay only for what they desire and use (Albakri et al., 2014). With the advancement of modern society, Cloud computing practice is developing at a fast pace and is often the only approach through which organizations can cope with the ever changing requirements. However, the lack of confidence in the risk management practices of Cloud providers has led to hesitancy in the face of Cloud acceptance in some organizations. Recently, Tot et al. (2015) noted that the managers of the clients’ information security system must study the nature of business, degree of information control and security risks in a Cloud computing environment. Cloud computing ensures that information can be accessed from anywhere so long as an Internet connection is available (Almgren, 2014). However, despite the threats that are related to Cloud computing, most organizations do not have plans on how to deal with these threats. As such, there is a need to adopt a risk management processes tool that can be used to deal with these threats. Additionally, Bisong and Rahman (2011) maintained that successful implementation of Cloud computing in an organization requires correct planning and understanding of emerging risks.

The paper is divided into different sections, with section two focusing on the survey of recent works in a Cloud computing environment, risk and risk management processes models. In section three, we propose our conceptual risk management model for a Cloud computing environment. In section four, we describe the implications of the findings and the practical implementation. Conclusions are addressed in section five.

Complete Chapter List

Search this Book: