Cloud computing is a relatively immature computing paradigm that could significantly benefit users. Cloud computing solutions are often associated with potential benefits such as cost reduction, less administrative hassle, flexibility and scalability. For organisations to realize such potential benefits, cloud computing solutions need to be chosen, implemented, managed and governed in a way that is secure, compliant with internal and external requirements and indicative of due diligence. This can be a challenge, given the many concerns and risks commonly associated with cloud computing solutions. One cloud computing solution that is being widely adopted around the world is cloud-based email. One of the foremost adopters of this cloud computing solution is higher education institutions. These higher education institutions stand to benefit greatly from using such services. Cloud-based email can be provisioned to staff and students at these institutions for free. Additionally, cloud service providers (CSPs) are able to provide a better email service than some higher education institutions would be able to provide if they were required to do so in-house. CSPs often provide larger inboxes and many extra services with cloud-based email. Cloud-based email is, therefore, clearly an example of a cloud computing solution that has the potential to benefit organisations. There are however, risks and challenges associated with the use of this cloud computing solution. Two of these challenges relate to ensuring conformance to internal and external (legal, regulatory and contractual obligations) requirements and to providing a mechanism of assuring that cloud-based email related activities are sound. The lack of structured guidelines for assuring the conformance of cloud-based email is putting this service at risk at higher education institutions in South Africa. This work addresses this problem by promoting a best practice based approach to assuring the conformance of cloud-based email at higher education institutions. To accomplish this, components of applicable standards and best practice guidelines for IT governance, IT assurance and IT conformance are used to construct a framework for assuring the conformance of cloud-based email. The framework is designed and verified using sound design science principles. The utility and value of the framework has been demonstrated at a higher education institution in South Africa. This framework can be used to assist higher education institutions to demonstrate due diligence in assuring that they conform to legal and best practice requirements for the management and governance of cloud-based email. This is a significant contribution in the relatively new field of cloud computing governance.
Identifer | oai:union.ndltd.org:netd.ac.za/oai:union.ndltd.org:nmmu/vital:9815 |
Date | January 2013 |
Creators | Willett, Melanie |
Publisher | Nelson Mandela Metropolitan University, Faculty of Engineering, the Built Environment and Information Technology |
Source Sets | South African National ETD Portal |
Language | English |
Detected Language | English |
Type | Thesis, Doctoral, PhD |
Format | x, 279 leaves, pdf |
Rights | Nelson Mandela Metropolitan University |
Page generated in 0.0025 seconds