BSI PD ISO/IEC TR 22678:2019
$167.15
Information technology. Cloud computing. Guidance for policy development
| Published By | Publication Date | Number of Pages |
| BSI | 2019 | 44 |
This document provides guidance on the use of international standards as a tool in the development of those policies that govern or regulate cloud service providers (CSPs) and cloud services, and those policies and practices that govern the use of cloud services in organisations.
This includes material that explains cloud computing concepts and the role of cloud computing international standards in formulating policies and practices.
The document makes references to various international standards. Where possible, these standards are ISO/IEC standards. Where a suitable ISO/IEC standard is not available, references are made to documents published by other WTO-registered standards bodies.
As explained in the WTO Agreement on Technical Barriers to Trade (TBT), standards play a vital role in supporting technical regulations and conformity assessment, however this document does not cover matters of trade.
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 2 | undefined |
| 7 | Foreword |
| 8 | Introduction |
| 9 | 1 Scope 2 Normative references 3 Terms and definitions |
| 10 | 4 Abbreviated terms |
| 11 | 5 Summary of this document 5.1 Purpose of this document 5.2 Intended audience |
| 12 | 5.3 How to use this document 6 Understanding cloud computing aspects for policy development 6.1 Introduction 6.2 Cloud computing essential characteristics 6.2.1 Standard definition of cloud computing 6.2.2 Essential characteristics of cloud computing (from ISO/IEC 17788) |
| 13 | 6.3 Major benefits of cloud computing 6.3.1 Benefits for cloud service customers (CSCs) |
| 15 | 6.3.2 Benefits for society 6.4 Implications for policy makers 6.4.1 Shared responsibilities |
| 16 | 6.4.2 Cloud services which are deployed and managed across multiple jurisdictions 6.4.3 Economics of managing a global cloud service |
| 17 | 6.4.4 What global, scalable public cloud computing makes possible 6.4.5 Implications of service scale and velocity |
| 18 | 6.4.6 Implications of continuous development 6.4.7 Implications of multi-tenant cloud services 6.4.8 Implications of geographical restrictions |
| 19 | 6.4.9 The need for cloud service data categorisation and classification |
| 20 | 6.4.10 Interoperability and portability |
| 21 | 6.4.11 Trust and transparency |
| 22 | 6.4.12 Exceptional circumstances |
| 23 | 6.4.13 Compliance, certification, audit 6.4.14 Challenges for small and medium sized enterprise (SME) adoption |
| 24 | 7 Using international standards to assist in developing policies that cover cloud computing 7.1 International standards relevant to cloud computing policy development |
| 27 | 7.1.1 ISO/IEC 19086 series of standards as applicable to trust and transparency |
| 28 | 7.1.2 ISO/IEC 19944 as applicable to clarify data concepts |
| 29 | 7.1.3 ISO/IEC 27552, Privacy information management systems |
| 30 | 7.2 Other significant standards, specifications, and documents 8 Considerations when developing policy 8.1 Considerations for regulatory policy 8.1.1 General |
| 31 | 8.1.2 Multi-tenant issues 8.1.3 Avoiding unnecessary barriers to cloud adoption |
| 32 | 8.1.4 Trust and transparency 8.1.5 Interoperability and portability |
| 33 | 8.1.6 Security and privacy 8.2 Considerations for advisory policy 8.2.1 General |
| 34 | 8.2.2 Promotion of cloud technology adoption 8.2.3 Terminology and taxonomy 8.2.4 Adoption by small and medium enterprises 8.2.5 Supplier certifications 8.2.6 Network connectivity |
| 35 | 8.2.7 Interoperability and portability 8.3 Considerations for procurement policy 8.3.1 General 8.3.2 Terminology and taxonomy |
| 36 | 8.3.3 Cloud service deployment models 8.3.4 Supplier certifications 8.3.5 Interoperability and portability 9 Conclusions |
| 37 | Annex A (informative) Relationship between key characteristics and implications |
| 38 | Annex B (informative) Other relevant standards, specifications, and documents |
| 40 | Bibliography |
