topic Simple effective cloud adoption and strategy for better L2 assurance work in Governance, Risk, Compliance https://community.isc2.org/t5/Governance-Risk-Compliance/Simple-effective-cloud-adoption-and-strategy-for-better-L2/m-p/47075#M461 <P><SPAN>Hi All,</SPAN><BR /><SPAN>As line two looking and cloud risk, I want to know what strategy / architecture can be adopted for a customer (banking) who has so far adopted cloud in a fragmented manner with no centralized model (dump things here and there, open tenants here tenants there across AWS, Azure, Google) causing whole painful and time-consuming yet inefficient cloud / tenant reassessment for risk and security teams every time they open a tenant or introduce a cloud service, etc. With the aim to achieve simplification and consistency across cloud controls and ongoing cloud assurance and assessment. I am looking for a recommendation / strategy to rectify what is already in place and avoid ad-hoc ineffective cloud adoption as business initiatives come up. A robust model / approach to address above mentioned challenges. Please also share any article / resources for this matter.</SPAN><BR /><SPAN>Thank you in advance.</SPAN></P> Mon, 23 Aug 2021 11:13:36 GMT rami99 2021-08-23T11:13:36Z Simple effective cloud adoption and strategy for better L2 assurance work https://community.isc2.org/t5/Governance-Risk-Compliance/Simple-effective-cloud-adoption-and-strategy-for-better-L2/m-p/47075#M461 <P><SPAN>Hi All,</SPAN><BR /><SPAN>As line two looking and cloud risk, I want to know what strategy / architecture can be adopted for a customer (banking) who has so far adopted cloud in a fragmented manner with no centralized model (dump things here and there, open tenants here tenants there across AWS, Azure, Google) causing whole painful and time-consuming yet inefficient cloud / tenant reassessment for risk and security teams every time they open a tenant or introduce a cloud service, etc. With the aim to achieve simplification and consistency across cloud controls and ongoing cloud assurance and assessment. I am looking for a recommendation / strategy to rectify what is already in place and avoid ad-hoc ineffective cloud adoption as business initiatives come up. A robust model / approach to address above mentioned challenges. Please also share any article / resources for this matter.</SPAN><BR /><SPAN>Thank you in advance.</SPAN></P> Mon, 23 Aug 2021 11:13:36 GMT https://community.isc2.org/t5/Governance-Risk-Compliance/Simple-effective-cloud-adoption-and-strategy-for-better-L2/m-p/47075#M461 rami99 2021-08-23T11:13:36Z Re: Simple effective cloud adoption and strategy for better L2 assurance work https://community.isc2.org/t5/Governance-Risk-Compliance/Simple-effective-cloud-adoption-and-strategy-for-better-L2/m-p/47409#M479 <P>It is a decent methodology to pick applications that are independent and easy to relocate so the disturbance is restricted to that application and spotlight is on gaining from the cloud reception measures.</P> Thu, 09 Sep 2021 09:45:58 GMT https://community.isc2.org/t5/Governance-Risk-Compliance/Simple-effective-cloud-adoption-and-strategy-for-better-L2/m-p/47409#M479 Purdy95 2021-09-09T09:45:58Z