Apac
  • Home
  • CXO Insights
  • CIO Views
  • News
  • Conferences
  • Newsletter
  • Whitepapers
  • About us
Apac
  • Admired Tech

    Agile

    AI Healthcare

    Artificial Intelligence

    Augmented Reality

    Aviation

    Big Data

    Blockchain

    Cloud

    Cryptocurrency

    Cyber Security

    DevOps

    Digital Transformation

    Drone

    HPC

    Infrared

    Internet of Things

    IT Services

    Marine Tech

    Networking

    PropTech

    Remote Work

    Robotics

    Scheduling Software

    Sensor Tech

    Simulation

    Smart City

    Software Testing

    Startup

    Storage

    Unified Communication

    Web Development

    Wireless

  • Automotive

    Banking

    Capital Market

    Construction

    E-Commerce

    Education

    FinTech

    Food and Beverages

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Travel and Hospitality

  • CISCO

    Google

    IBM

    Microsoft

    Oracle

    Salesforce

    SAP

    ServiceNow

  • Business Intelligence

    CEM

    Cloud-based Planning

    Cognitive

    Collaboration

    Compliance

    Contact Center

    Contact Tracing

    Contactless Payments

    Corporate Finance

    CRM

    Custom Software Development

    Data Center

    Digital Signage

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Communications

    Enterprise Contract Management

    Enterprise Performance Management

    ERP

    Facility Management

    Field Service

    Fleet Management

    Gamification

    HR Technology

    IT Infrastructure

    IT Service Management

    Managed Services

    PLM

    Procurement

    Product Management

    Project Management

    RegTech

    Revenue Management

    Sales Tech

Menu
    • Compliance
    • CISCO
    • Collaboration
    • Contact Center
    • Healthcare
    • IT Service Management
    • Microsoft
    • Retail
    • MORE
    #

    Apac CIO Outlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIO Outlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • Compliance
    Editor's Pick (1 - 4 of 8)
    left
    Welcoming Big Data Technology amidst Changes

    Darren Cockrel, CIO, Coyote Logistics

    Leveraging Compliance to Your Advantage

    Mark Bloom, Global CIO, Aegon

    Demystifying the Role of IT in Millennial Organizations

    Jeff Fithian, VP, Strategic Initiatives and CIO, Dynamic Materials Corporation

    Productivity and Security- Can you ever have both?

    Julie Cullivan, SVP, Business Operations & CIO, Fireeye

    Lessons Learned from a CIO

    John Miller, Vice President and CIO, American Textile Company

    Digital Transformation: Prerequisites for Success in the Insurance Industry

    Nicole Kellenberger, Global Eadmin Lead, Swiss RE and Sven Scandella, Head of ITP&C Business Management, Swiss RE

    Lessons Learnt on Compliance and Culture Change

    Paula Cristina Spirandio, Compliance Manager, Gunvor Group

    Vinayak Bindal, Sub-Regional Compliance Officer, Sea, Merck

    right

    Compliance in the Cloud

    By Vasyl Nair, Chief Risk Officer, Mine Super & Louis Leung, Executive General Manager Group Risk and Compliance, Mine Super

    Tweet
    content-image

    Vasyl Nair, Chief Risk Officer, Mine Super & Louis Leung, Executive General Manager Group Risk and Compliance, Mine Super

    You’ve secured funding and support to launch your new cloud-based strategy with a business case, vendor short list and project plan all finalised. Well, how about understanding your compliance obligations?

    Whilst moving to the cloud has become an increasingly popular business strategy, securing compliance in the cloud can be significantly more difficult. The task of Googling a “cloud compliance checklist” is likely to surface more questions than answers. You’ll likely spend more time filtering through sales material than finding any practical guidance on the topic.

    Seek technical help

    Fortunately, you’re not alone and the places to ask for help aren’t always obvious. Whilst larger organisations typically have in-house risk and legal teams, it may not be as easy for Chief Information Officers who don’t have access to dedicated internal resources. As a result, you may need to carefully consider the cost-benefit of hiring or appointing external technology risk professionals or compliance specialists with prior cloud experience to help you achieve your objectives.

    You may also want to consider audit firms that offer consulting services or specialised businesses such as managed security service providers. Whether you hire or outsource this capability, the key to delivering quality outcomes is by ensuring you have the right mix of capabilities to understand your compliance obligations and deliver your project.

    Determine what’s important

    Once you have capabilities sourced, you’ll need to identify what your compliance obligations are. This is where investing time upfront will help you mitigate the emergence of last-minute surprises that can derail a project. You might consider:
    1. Internal policy obligations – surprisingly, internal policies are a great place to start. This is where the rest of your management team have already summarised key obligations across your business. You’ll find vital clues on where to go for more information on a wide range of topics such as privacy, vendor due diligence and technology security.

    2. Legislative obligations – consider the legal jurisdictions your business (and short list of cloud providers) operate in and whether any offshore obligations apply. At minimum you should be considering privacy and data retention laws in addition to any other legal domains that are relevant to your business and what’s being moved into the cloud.

    3. Regulatory guidance – are there any regulators that oversee your business and do they have a documented posture in relation to cloud-based arrangements? In Australia, licensed financial services entities must meet specific requirements set out by the local regulator for outsourcing arrangements that involve the cloud.

    4. Contractual obligations – depending on what is being moved into the cloud, you might also want to review existing contracts in place with suppliers and customers. This includes reviewing your cloud service provider to understand how your risks are being managed. For example, who will be liable when your cloud provider experiences a problem that impacts your service and causes a downstream contractual breach?

    5. Industry standards – pay attention to any certifications or assurance your business provides to suppliers and customers. Industry standards or audit requirements (such as IT General Controls) may result in additional work required to maintain compliance.

    Getting it done

    Don’t be too surprised if you end up with a laundry list of compliance driven work that seems larger than the work set down in your original implementation plan. Your compliance checklist can serve as your obligations register. You can quickly identify recurring themes to group these into key risks that affect your business. For example, you’ll likely identify availability, security, vendor, data migration and strategy as key risk themes linked to work areas.

    Once you have your compliance obligations grouped by risks, you should start considering what controls are required to manage these risks (which may include the risk of breaching compliance obligations) and how these are integrated into your overall implementation plan.

    At this stage you should also consider the need to document any contingency plans required to address how you will handle potential breaches. For example, if you had a major data breach will your team be able to quickly map the critical path to resolution? The same logic should be applied to managing IT security incidents and general business continuity.

    Ensuring you document this end-to-end process is vital as this will help you later when you need to provide evidence to your auditors on how you’ve identified your compliance obligations, your compliance risks and how these are being effectively managed as you transition to the cloud.
    tag

    Financial

    Business Continuity

    Weekly Brief

    loading

    Featured Vendor

    • ACTICO: Leveraging AI for Compliance Management
      ACTICO: Leveraging AI for Compliance Management
    Top 10 Compliance Solution Companies - 2020
    ON THE DECK

    Content Management System 2020

    Top Vendors

    Contactless Payments 2020

    Top Vendors

    Admired Tech 2020

    Top Vendors

    Corporate Finance 2020

    Top Vendors

    AI 2020

    Top Vendors

    Travel and Hospitality 2020

    Top Vendors

    Startup 2020

    Top Vendors

    Networking 2020

    Top Vendors

    FinTech 2020

    Top Vendors

    CRM 2020

    Top Vendors

    Scheduling Software 2020

    Top Vendors

    Education 2020

    Top Vendors

    Business Intelligence 2020

    Top Vendors

    PropTech 2020

    Top Vendors

    Salesforce 2020

    Top Vendors

    Big Data 2020

    Top Vendors

    Simulation 2020

    Top Vendors

    Product Management 2020

    Top Vendors

    Legal 2020

    Top Vendors

    Remote Work 2020

    Top Vendors

    Cryptocurrency 2020

    Top Vendors

    CEM 2020

    Top Vendors

    Insurance 2020

    Top Vendors

    Data Center 2020

    Top Vendors

    Banking 2020

    Top Vendors

    RegTech 2020

    Top Vendors

    Wireless 2020

    Top Vendors

    Procurement 2020

    Top Vendors

    Cognitive 2020

    Top Vendors

    Drone 2020

    Top Vendors

    HR Technology 2020

    Top Vendors

    HPC 2020

    Top Vendors

    Pharma and Life Science 2020

    Top Vendors

    SAP 2020

    Top Vendors

    Food and Beverages 2020

    Top Vendors

    Cloud 2020

    Top Vendors

    Blockchain 2020

    Top Vendors

    Cloud 2020

    Top Vendors

    Logistics 2020

    Top Vendors

    Augmented Reality 2020

    Top Vendors

    Contact Center 2020

    Top Vendors

    Oracle 2020

    Top Vendors

    Cyber Security 2020

    Top Vendors

    E-Commerce 2020

    Top Vendors

    Compliance 2020

    Top Vendors

    Enterprise Architecture 2020

    Top Vendors

    Digital Transformation 2020

    Top Vendors

    Manufacturing 2020

    Top Vendors

    Agile 2020

    Top Vendors

    CISCO 2020

    Top Vendors

    Field Service 2020

    Top Vendors

    Contact Center 2020

    Top Vendors

    IoT 2020

    Top Vendors

    Microsoft 2020

    Top Vendors

    Retail 2020

    Top Vendors

    Aviation 2020

    Top Vendors

    Healthcare 2020

    Top Vendors

    IT Service Management 2020

    Top Vendors

    Top Vendors

    Big Data 2019

    Top Vendors

    Digital Signage 2019

    Top Vendors

    Sales Tech 2019

    Top Vendors

    Startup 2019

    Top Vendors

    Salesforce 2019

    Top Vendors

    AI 2019

    Top Vendors

    Google 2019

    Top Vendors

    Smart City 2019

    Top Vendors

    FinTech 2019

    Top Vendors

    Admired Tech 2019

    Top Vendors

    Big Data 2019

    Top Vendors

    IT Services 2019

    Top Vendors

    Business Intelligence 2019

    Top Vendors

    Education 2019

    Top Vendors

    Project Management 2019

    Top Vendors

    Enterprise Asset Management 2019

    Top Vendors

    CRM 2019

    Top Vendors

    Data Center 2019

    Top Vendors

    PropTech 2019

    Top Vendors

    Capital Market 2019

    Top Vendors

    Travel and Hospitality 2019

    Top Vendors

    Legal 2019

    Top Vendors

    IT Infrastructure 2019

    Top Vendors

    Plastic Tech 2019

    Top Vendors

    Facility Management 2019

    Top Vendors

    Fleet Management 2019

    Top Vendors

    CEM 2019

    Top Vendors

    Sensor Tech 2019

    Top Vendors

    RegTech 2019

    Top Vendors

    Marine Tech 2019

    Top Vendors

    Collaboration 2019

    Top Vendors

    Software Testing 2019

    Top Vendors

    Facility Management 2019

    Top Vendors

    Automotive 2019

    Top Vendors

    Food and Beverages 2019

    Top Vendors

    Insurance 2019

    Top Vendors

    HPC 2019

    Top Vendors

    Wireless 2019

    Top Vendors

    Simulation 2019

    Top Vendors

    Corporate Finance 2019

    Top Vendors

    Drone 2019

    Top Vendors

    AI Healthcare 2019

    Top Vendors

    SAP 2019

    Top Vendors

    Procurement 2019

    Top Vendors

    Cyber Security 2019

    Top Vendors

    IBM 2019

    Top Vendors

    Construction 2019

    Top Vendors

    Logistics 2019

    Top Vendors

    Managed Services 2019

    Top Vendors

    Manufacturing 2019

    Top Vendors

    Media and Entertainment 2019

    Top Vendors

    Cloud 2019

    Top Vendors

    Banking 2019

    Top Vendors

    Agile 2019

    Top Vendors

    IT Service Management 2019

    Top Vendors

    Retail 2019

    Top Vendors

    HR Technology 2019

    Top Vendors

    Oracle 2019

    Top Vendors

    Cognitive 2019

    Top Vendors

    Compliance 2019

    Top Vendors

    Contact Center 2019

    Top Vendors

    Healthcare 2019

    Top Vendors

    Gov and Public 2019

    Top Vendors

    Microsoft 2019

    Top Vendors

    Pharma and Life Science 2019

    Top Vendors

    DevOps 2019

    Top Vendors

    E-Commerce 2019

    Top Vendors

    Blockchain 2019

    Top Vendors

    IoT 2019

    Top Vendors

    Metals and Mining 2019

    Top Vendors

    Gamification 2019

    Top Vendors

    Field Service 2019

    Top Vendors

    Augmented Reality 2019

    Top Vendors

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Pinpointing Weak Links in an Enterprise Security Chain: Helping Companies Battle Data and Content Security Challenges

    Pinpointing Weak Links in an Enterprise Security Chain: Helping Companies Battle Data and Content Security Challenges

    Hiro Imamura, SVP and GM, Business Imaging Solutions Group, Canon U.S.A. [NYSE:CAJ]
    Evolving Customer Relationship Management: Move Fast or Die Trying

    Evolving Customer Relationship Management: Move Fast or Die Trying

    Ed Ariel, Vice President of Service Operations, ezCater
    Importance of Customer Relationship Management Implementation

    Importance of Customer Relationship Management Implementation

    Drew Fredrick, Vice President, Home Building Technology, Clayton Homes
    How enterprise tech startups and corporates can collaborate for innovation

    How enterprise tech startups and corporates can collaborate for innovation

    Paul Santos, Managing Partner, Wavemaker Partners
    How an Initiative for Standardization and Modularization Leads to Cost Reduction, Increased Efficiency-and Better Teamwork

    How an Initiative for Standardization and Modularization Leads to Cost Reduction, Increased Efficiency-and Better Teamwork

    Faruk Bilgin, Global Director Manufacturing Engineering of Webasto Group
    Empowering the Retail Paradigm

    Empowering the Retail Paradigm

    Jason Williams, VP of Engineering, DICK’S Sporting Goods
    Fortifying the Retail Pardigm Amidst Uncertainities

    Fortifying the Retail Pardigm Amidst Uncertainities

    Vlad Yakubson, Head of Retail, yd.
    Journey from Intelligent Automation (IA) to Artificial Intelligence (AI)

    Journey from Intelligent Automation (IA) to Artificial Intelligence (AI)

    Sanjay Choubey, VP-IT, Briggs & Stratton
    Loading...

    Copyright © 2021 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap |  Subscribe

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://compliance.apacciooutlook.com/cxoinsights/compliance-in-the-cloud-nwid-7492.html