Cloud Computing for Business – Referenced Documents
The following documents are referenced in this Guide:
[BUSSCEN] | Cloud Computing Business Scenario Workshop, Report, August 2009 (R091), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/r091.htm. |
[BUYERSTREE] | Cloud Buyers' Decision Tree, White Paper, July 2010 (W107), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/w107.htm. |
[BUYERSQ] | Cloud Buyers' Requirements Questionnaire, Version 1.0, White Paper, July 2010 (W108), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/w108.htm. |
[CBUC] | Strengthening your Business Case for Using Cloud, White Paper, July 2010 (W106), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/w106.htm. |
[CHRISTENSEN] | The Innovator’s Dilemma – When New Technologies Cause Great Firms to Fail, Clayton M. Christensen, Harvard Business School Press, ISBN: 0-87584-585-1. |
[CLOUDROI] | Building Return on Investment from Cloud Computing, White Paper, April 2010 (W104), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/w104.htm. |
[COSO] | Committee of Sponsoring Organizations of the Treadway Commission (COSO); refer to: www.coso.org. |
[CSA] | Cloud Security Alliance; refer to: www.cloudsecurityalliance.org. |
[D&A] | Rethinking Risk Management, Audrey Dorofee and Christopher Alberts, CMU SEI; refer to: www.sei.cmu.edu/library/abstracts/risk/upload/dorofeetutorialndia09_8819.pdf. |
[DIACAP] | US Department of Defense Information Assurance Certification and Accreditation Program (DIACAP), 2007. |
[DMTF] | Distributed Management Task Force; refer to: www.dmtf.org. |
[ECLIPSE] | Eclipse Foundation; refer to: www.eclipse.org. |
[EUCALYPTUS] | Eucalyptus: An Open Source Cloud Computing Infrastructure, Daniel Nurmi, Rich Wolski, Chris Grzegorczyk, Graziano Obertelli, Sunil Soman, Lamia Youseff, Dmitrii Zagorodnov; refer to: http://iopscience.iop.org/1742-6596/180/1/012051/pdf/jpconf9_180_012051.pdf. |
[EU 95/46/EC] | EU Data Protection Directive 95/46/EC, October 1995, European Parliament and the Council of the European Union. |
[EXAMPLES] | Downloadable spreadsheets containing data for the large examples in this book; refer to www.opengroup.org/cloudcomputing/doc.tpl?dcat=22&gdid=24635&lastver=Y. |
[FAIR] | The Open Group FAIR – ISO/IEC 27005 Cookbook, Technical Guide, November 2010 (C103), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/c103.htm. |
[FEDRAMP] | US Federal Risk and Authorization Management Program (FedRAMP); refer to: www.cio.gov/pages.cfm/page/Federal-Risk-and-Authorization-Management-Program-FedRAMP. |
[FEDSTRAT] | Federal Cloud Computing Strategy, Vivek Kundra, US Chief Information Officer, February 2011; refer to: www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf. |
[FISMA] | US Federal Information Security Management Act (FISMA), 2002. |
[GLBA] | US Gramm-Leach-Bliley Act (GLBA), 1999. |
[HIPAA] | US Health Insurance Portability & Accountability Act (HIPAA), 1996. |
[ICAEW] | ICAEW Risk Management for SMEs; refer to: www.icaew.com. |
[ISO 31000] | ISO 31000:2009, Risk Management – Principles and Guidelines; refer to: www.iso.org/iso/catalogue_detail.htm?csnumber=43170. |
[ISAE 3402] | International Standards for Assurance Engagements (ISAE) No. 3402. |
[SSAE 16] | Statement on Standards for Attestation Engagements (SSAE) No. 16. |
[ITIL] | Information Technology Infrastructure Library; refer to: www.itil.org.uk. |
[IYAR] | Why Buy the Cow, Subrah S. Iyar, Webex Communications, ISBN: 9780615163130. |
[LONG TAIL] | The Long Tail: Why the Future of Business is Selling Less of More, Chris Anderson, New York: Hyperion, ISBN: 9781401309664. |
[MCDONALD] | Legal and Quasi-Legal Issues in Cloud Computing Contracts, Steve McDonald, General Counsel at the Rhode Island School of Design; refer to: http://net.educause.edu/section_params/conf/CCW10/issues.pdf. |
[NIST] | The NIST Definition of Cloud Computing, Version 15; refer to: www.nist.gov/itl/cloud/upload/cloud-def-v15.pdf. |
[O-ACEML] | Open Automated Compliance Expert Markup Language (O-ACEML), Technical Standard, May 2011 (C111), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/c111.htm. |
[OAuth] | An Open Protocol to Allow Secure API Authorization in a Simple and Standard Method from Desktop and Web Applications; refer to: http://oauth.net/. |
[OGF] | Open Grid Forum; refer to: www.ogf.org. |
[ORANGE BOOK] | The Orange Book: Management of Risk – Principles and Concepts; refer to: http://hm-treasury.gov.uk/d/orange_book.pdf. |
[PCI-DSS] | Payment Card Industry Data Security Standard (PCI DSS); refer to: www.pcisecuritystandards.org. |
[RISK] | Risk Taxonomy, Technical Standard, January 2009 (C081), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/c081.htm. |
[SEI RISK] | CMU SEI Risk and Opportunity Management; refer to: www.sei.cmu.edu/risk/. |
[SNIA] | Storage Networking Industry Association; refer to: www.snia.org. |
[SOX] | US Sarbanes-Oxley Act (SOX), 2002. |
[SWITCH] | The Big Switch: Rewiring the World, from Edison to Google, Nicholas Carr, ISBN-10: 0393062287. |
[TOGAF] | The Open Group Architecture Framework (TOGAF); refer to: www.opengroup.org/togaf. |
[TPC] | Transaction Processing Performance Council; refer to: www.tpc.org. |
[UNIX] | The UNIX System; refer to: www.opengroup.org/unix. |
[UPTIME] | Uptime Institute; refer to: www.uptimeinstitute.org. |