By Thomas J. Shaw Esq
Reviewed by Ibe Kalu Etea, CISA, CRISC, ACA, CFE, CRMA, ISO 9001:2008 QMS
One of the most valuable aspects of Cloud Computing for Lawyers and Executives: A Global Approach is its discussion of the cloud. Much of the current IT knowledge has been obtained through a combination of disparate subjects; this book combines law with a discussion of the cloud, and it serves the IT community well, especially because it has included the interests of top executives.
Author Thomas J. Shaw has embedded his deep legal risk expertise within this book and he covers diverse aspects of the cloud, such as privacy, topic-specific statutes, and standards and controls. Insurance, forensics and business continuity are also addressed in this book.
The scope of most IT developments tends to be large. And, while information security professionals would tend to have silo mind-sets about IT innovations, the reality is that other professions such as accounting, legal and marketing have valid substructures to support the rollout, implementation and sustenance of these technologies.
The 1st chapter of the book outlines information about the basics of the cloud, its usage and the financial aspects of its deployment. It then provides US-specific statutes guiding its implementation and cross-border agreements and statutes for the cloud. The book covers the information security risk inherent in the cloud, and the US government’s response to these issues. It also gives an overview of risk response to various privacy issues in the context of security controls, audits and business continuity in the cloud.
The book discusses the challenges and benefits of the cloud, highlighting data breaches, cyberinsurance and forensics in the cloud. The focus of the end of the book is on contractual provisions, agreement drafts and practical application to realistic scenarios of cloud implementation in organizations. It concludes with a discussion of legal ethics and cloud use and the services lawyers can provide in cloud-related matters.
Suffice it to say that this is a rich book that bridges the divide between the law and IT, and it serves as a useful companion for the forward-looking cloud professional who wants to stay informed on the numerous contemporary issues affecting cloud services.
Cloud Computing for Lawyers and Executives: A Global Approach is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in the latest issue of the ISACA Journal, visit the ISACA Bookstore online or email [email protected].
Ibe Kalu Etea, CISA, CRISC, ACA, CFE, CRMA, ISO 9001:2008 QMS, is a corporate governance, internal controls, fraud and enterprise risk assurance professional. He also serves as a member on the advisory council of the Association of Certified Fraud Examiners (ACFE).