In May 2011, the American Institute of Certified Public Accountants issued a new set of guidelines known as Service Organisation Controls-2 (SOC-2) report, which outlines criteria for the security, availability, processing integrity, privacy and confidentiality of a service organisation’s systems and processes. Organisations that outsource functions, not relevant to financial statements, can request an SOC-2 report to assure themselves that they have requisite controls in place. The report is similar to the older SAS 70 […]
national institute of standards and technology
3 posts
The National Institute of Standards and Technology (NIST) – the organisation that creates technology standards for the federal government – has this week released a new Cloud Computing roadmap and reference architecture to provide guidance for public sector ICT procurers and implementors. The NIST says: “This solution will create a level playing field for industry to discuss and compare their cloud offerings with the US Government (USG). The resulting reference architecture and taxonomy for cloud […]
Last summer, Federal Chief Information Officer Vivek Kundra asked the National Institute of Standards and Technology (NIST) to help accelerate the federal government’s secure adoption of cloud computing by leading efforts to develop cloud standards and guidelines. And NIST just delivered. The agency published two new draft documents on cloud computing. The first document, NIST Definition of Cloud Computing (NIST Special Publication (SP) 800-145) defines cloud computing at least as far as the government is […]