• Cloud Computing Publications
• Cloud Computing for Business
• What is Cloud?
• Why Cloud?
• Establishing your Cloud Vision
• Buying Cloud Services
• Understanding Cloud Risk
• Building ROI from Cloud Computing
• The Challenge
• Cloud Computing in Use
• Glossary
• Printed Edition
• Referenced Documents
• Acknowledgements
• Legal
• Maximizing the Value of Cloud for Small-Medium Enterprises
• The Open Group Cloud Ecosystem Reference Model
• Cloud Computing Portability and Interoperability
• Cloud Computing Governance Framework
• Building Return on Investment from Cloud Computing
• Cloud Computing White Papers

---

Open Platform 3.0^™ Publications

The Cloud Computing Work Group

Open Platform 3.0^™ Home

Cloud Computing for Business – Referenced Documents

 

The following documents are referenced in this Guide:

[BUSSCEN]	Cloud Computing Business Scenario Workshop, Report, August 2009 (R091), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/r091.htm.
[BUYERSTREE]	Cloud Buyers' Decision Tree, White Paper, July 2010 (W107), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/w107.htm.
[BUYERSQ]	Cloud Buyers' Requirements Questionnaire, Version 1.0, White Paper, July 2010 (W108), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/w108.htm.
[CBUC]	Strengthening your Business Case for Using Cloud, White Paper, July 2010 (W106), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/w106.htm.
[CHRISTENSEN]	The Innovator’s Dilemma – When New Technologies Cause Great Firms to Fail, Clayton M. Christensen, Harvard Business School Press, ISBN: 0-87584-585-1.
[CLOUDROI]	Building Return on Investment from Cloud Computing, White Paper, April 2010 (W104), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/w104.htm.
[COSO]	Committee of Sponsoring Organizations of the Treadway Commission (COSO); refer to: www.coso.org.
[CSA]	Cloud Security Alliance; refer to: www.cloudsecurityalliance.org.
[D&A]	Rethinking Risk Management, Audrey Dorofee and Christopher Alberts, CMU SEI; refer to: www.sei.cmu.edu/library/abstracts/risk/upload/dorofeetutorialndia09_8819.pdf.
[DIACAP]	US Department of Defense Information Assurance Certification and Accreditation Program (DIACAP), 2007.
[DMTF]	Distributed Management Task Force; refer to: www.dmtf.org.
[ECLIPSE]	Eclipse Foundation; refer to: www.eclipse.org.
[EUCALYPTUS]	Eucalyptus: An Open Source Cloud Computing Infrastructure, Daniel Nurmi, Rich Wolski, Chris Grzegorczyk, Graziano Obertelli, Sunil Soman, Lamia Youseff, Dmitrii Zagorodnov; refer to: http://iopscience.iop.org/1742-6596/180/1/012051/pdf/jpconf9_180_012051.pdf.
[EU 95/46/EC]	EU Data Protection Directive 95/46/EC, October 1995, European Parliament and the Council of the European Union.
[EXAMPLES]	Downloadable spreadsheets containing data for the large examples in this book; refer to www.opengroup.org/cloudcomputing/doc.tpl?dcat=22&gdid=24635&lastver=Y.
[FAIR]	The Open Group FAIR – ISO/IEC 27005 Cookbook, Technical Guide, November 2010 (C103), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/c103.htm.
[FEDRAMP]	US Federal Risk and Authorization Management Program (FedRAMP); refer to: www.cio.gov/pages.cfm/page/Federal-Risk-and-Authorization-Management-Program-FedRAMP.
[FEDSTRAT]	Federal Cloud Computing Strategy, Vivek Kundra, US Chief Information Officer, February 2011; refer to: www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf.
[FISMA]	US Federal Information Security Management Act (FISMA), 2002.
[GLBA]	US Gramm-Leach-Bliley Act (GLBA), 1999.
[HIPAA]	US Health Insurance Portability & Accountability Act (HIPAA), 1996.
[ICAEW]	ICAEW Risk Management for SMEs; refer to: www.icaew.com.
[ISO 31000]	ISO 31000:2009, Risk Management – Principles and Guidelines; refer to: www.iso.org/iso/catalogue_detail.htm?csnumber=43170.
[ISAE 3402]	International Standards for Assurance Engagements (ISAE) No. 3402.
[SSAE 16]	Statement on Standards for Attestation Engagements (SSAE) No. 16.
[ITIL]	Information Technology Infrastructure Library; refer to: www.itil.org.uk.
[IYAR]	Why Buy the Cow, Subrah S. Iyar, Webex Communications, ISBN: 9780615163130.
[LONG TAIL]	The Long Tail: Why the Future of Business is Selling Less of More, Chris Anderson, New York: Hyperion, ISBN: 9781401309664.
[MCDONALD]	Legal and Quasi-Legal Issues in Cloud Computing Contracts, Steve McDonald, General Counsel at the Rhode Island School of Design; refer to: http://net.educause.edu/section_params/conf/CCW10/issues.pdf.
[NIST]	The NIST Definition of Cloud Computing, Version 15; refer to: www.nist.gov/itl/cloud/upload/cloud-def-v15.pdf.
[O-ACEML]	Open Automated Compliance Expert Markup Language (O-ACEML), Technical Standard, May 2011 (C111), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/c111.htm.
[OAuth]	An Open Protocol to Allow Secure API Authorization in a Simple and Standard Method from Desktop and Web Applications; refer to: http://oauth.net/.
[OGF]	Open Grid Forum; refer to: www.ogf.org.
[ORANGE BOOK]	The Orange Book: Management of Risk – Principles and Concepts; refer to: http://hm-treasury.gov.uk/d/orange_book.pdf.
[PCI-DSS]	Payment Card Industry Data Security Standard (PCI DSS); refer to: www.pcisecuritystandards.org.
[RISK]	Risk Taxonomy, Technical Standard, January 2009 (C081), published by The Open Group; refer to: www.opengroup.org/bookstore/catalog/c081.htm.
[SEI RISK]	CMU SEI Risk and Opportunity Management; refer to: www.sei.cmu.edu/risk/.
[SNIA]	Storage Networking Industry Association; refer to: www.snia.org.
[SOX]	US Sarbanes-Oxley Act (SOX), 2002.
[SWITCH]	The Big Switch: Rewiring the World, from Edison to Google, Nicholas Carr, ISBN-10: 0393062287.
[TOGAF]	The Open Group Architecture Framework (TOGAF); refer to: www.opengroup.org/togaf.
[TPC]	Transaction Processing Performance Council; refer to: www.tpc.org.
[UNIX]	The UNIX System; refer to: www.opengroup.org/unix.
[UPTIME]	Uptime Institute; refer to: www.uptimeinstitute.org.