Reflecting on Whether Checklists Can Tick the Box for Cloud Security

Robert Anderson Keith Duncan, Mark Whittington

Research output: Chapter in Book/Report/Conference proceedingConference contribution

16 Downloads (Pure)

Abstract

All Cloud computing standards are dependent upon checklist methodology to implement and then audit the alignment of a company or an operation with the standards that have been set. An investigation of the use of checklists in other academic areas has shown there to be significant weaknesses in the checklist solution to both implementation and audit; these weaknesses will only be exacerbated by the fast-changing and developing nature of clouds. We examine the problems that are inherent with using checklists and seek to identify some mitigating strategies that might be adopted to improve their efficacy.
Original languageEnglish
Title of host publication2014 IEEE 6th International Conference on Cloud Computing Technology and Science
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages805-810
Number of pages6
ISBN (Print)9781479940929
Publication statusPublished - 18 Dec 2014
Event2014 IEEE 6th International Conference on Cloud Computing Technology and Science (CloudCom) - Nanyang Executive Centre, Nanyang Technological University, Singapore, Singapore
Duration: 15 Aug 201618 Aug 2016
http://cipsijoomla.ux.uis.no/cloudcom2014/

Conference

Conference2014 IEEE 6th International Conference on Cloud Computing Technology and Science (CloudCom)
Abbreviated titleCloudCom 2014
CountrySingapore
CitySingapore
Period15/08/1618/08/16
Internet address

Fingerprint

Ticks
Check list
Audit
Alignment
Efficacy
Methodology
Cloud computing

Keywords

  • security
  • standards
  • compliance
  • assurance
  • audit

Cite this

Duncan, R. A. K., & Whittington, M. (2014). Reflecting on Whether Checklists Can Tick the Box for Cloud Security. In 2014 IEEE 6th International Conference on Cloud Computing Technology and Science (pp. 805-810). Institute of Electrical and Electronics Engineers (IEEE).

Reflecting on Whether Checklists Can Tick the Box for Cloud Security. / Duncan, Robert Anderson Keith; Whittington, Mark.

2014 IEEE 6th International Conference on Cloud Computing Technology and Science. Institute of Electrical and Electronics Engineers (IEEE), 2014. p. 805-810.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Duncan, RAK & Whittington, M 2014, Reflecting on Whether Checklists Can Tick the Box for Cloud Security. in 2014 IEEE 6th International Conference on Cloud Computing Technology and Science. Institute of Electrical and Electronics Engineers (IEEE), pp. 805-810, 2014 IEEE 6th International Conference on Cloud Computing Technology and Science (CloudCom), Singapore, Singapore, 15/08/16.
Duncan RAK, Whittington M. Reflecting on Whether Checklists Can Tick the Box for Cloud Security. In 2014 IEEE 6th International Conference on Cloud Computing Technology and Science. Institute of Electrical and Electronics Engineers (IEEE). 2014. p. 805-810
Duncan, Robert Anderson Keith ; Whittington, Mark. / Reflecting on Whether Checklists Can Tick the Box for Cloud Security. 2014 IEEE 6th International Conference on Cloud Computing Technology and Science. Institute of Electrical and Electronics Engineers (IEEE), 2014. pp. 805-810
@inproceedings{39099f06285d4393a9e1b64f04b3549f,
title = "Reflecting on Whether Checklists Can Tick the Box for Cloud Security",
abstract = "All Cloud computing standards are dependent upon checklist methodology to implement and then audit the alignment of a company or an operation with the standards that have been set. An investigation of the use of checklists in other academic areas has shown there to be significant weaknesses in the checklist solution to both implementation and audit; these weaknesses will only be exacerbated by the fast-changing and developing nature of clouds. We examine the problems that are inherent with using checklists and seek to identify some mitigating strategies that might be adopted to improve their efficacy.",
keywords = "security, standards, compliance, assurance, audit",
author = "Duncan, {Robert Anderson Keith} and Mark Whittington",
year = "2014",
month = "12",
day = "18",
language = "English",
isbn = "9781479940929",
pages = "805--810",
booktitle = "2014 IEEE 6th International Conference on Cloud Computing Technology and Science",
publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

}

TY - GEN

T1 - Reflecting on Whether Checklists Can Tick the Box for Cloud Security

AU - Duncan, Robert Anderson Keith

AU - Whittington, Mark

PY - 2014/12/18

Y1 - 2014/12/18

N2 - All Cloud computing standards are dependent upon checklist methodology to implement and then audit the alignment of a company or an operation with the standards that have been set. An investigation of the use of checklists in other academic areas has shown there to be significant weaknesses in the checklist solution to both implementation and audit; these weaknesses will only be exacerbated by the fast-changing and developing nature of clouds. We examine the problems that are inherent with using checklists and seek to identify some mitigating strategies that might be adopted to improve their efficacy.

AB - All Cloud computing standards are dependent upon checklist methodology to implement and then audit the alignment of a company or an operation with the standards that have been set. An investigation of the use of checklists in other academic areas has shown there to be significant weaknesses in the checklist solution to both implementation and audit; these weaknesses will only be exacerbated by the fast-changing and developing nature of clouds. We examine the problems that are inherent with using checklists and seek to identify some mitigating strategies that might be adopted to improve their efficacy.

KW - security

KW - standards

KW - compliance

KW - assurance

KW - audit

M3 - Conference contribution

SN - 9781479940929

SP - 805

EP - 810

BT - 2014 IEEE 6th International Conference on Cloud Computing Technology and Science

PB - Institute of Electrical and Electronics Engineers (IEEE)

ER -