COSO issues guidance document on Enterprise Risk Management for Cloud Computing

Published: Monday, 09 August 2021 07:09

The Committee of Sponsoring Organizations of the Treadway Commission (COSO), in collaboration with Crowe LLP, has developed new ERM guidance: ‘Enterprise Risk Management for Cloud Computing’. This provides a roadmap for establishing cloud computing governance leveraging the principles of COSO’s ‘Enterprise Risk Management (ERM) – Integrating with Strategy and Performance framework’.

The use of the COSO enterprise risk management framework enables cloud computing to be integrated with the organization’s ERM function. The guidance explains how to apply the COSO ERM framework by evaluating each component as well as the 20 principles to cloud computing governance. As noted in the guidance, those organizations that have not yet created a cloud governance program can do so at any time and continue to refresh as changes occur.

By incorporating cloud governance into the organization’s cloud computing processes, the organization is better positioned to manage risks that threaten the strategy and objectives of the organization.

Read Enterprise Risk Management for Cloud Computing (PDF).