Proposed Organization of CloudAudit Working Sub-Groups - Nominate someone/yourself...

10 views
Skip to first unread message

Hoff

unread,
Aug 4, 2010, 11:53:53 AM8/4/10
to CloudAudit
On our last call, I mentioned that I'd like to consider creating sub-
groups within the CloudAudit effort to help focus and distribute tasks/
deliverables/workstreams appropriately and allow people to contribute
in areas they felt they specialized. Ultimately, these sub-groups
would report up to the larger team weekly on our call but would be
free to structure their own meeting times.

We had a good conversation and agreed on a basic organizational
structure and terms that Ben Sapiro was kind enough to document here:

http://groups.google.com/group/cloudaudit/browse_thread/thread/c57e5b686da57503

In summary, here are the groups:

Standards - Focuses on enhancing and expanding the compliance packs
as
well as collaborating with standards owners (e.g. the PCI council,
Cloud Security Alliance)

Tools - Works with IT GRC [1] tool providers to include Cloud Audit
(the standard) into Commercial Off the Shelf Software - should
interact with Consumers WG and Providers WG

Consumers - Provides end-users (auditors, cloud users) with tools and
documentation to assist in the consumption of Cloud Audit responses
from their Service Providers

Infrastructure - Responsible for building, maintaining and operating
the Cloud Audit infrastructure including facilities for on-behalf
hosting

Providers - Will explore use cases, build tools and documentation for
Cloud Service provider

If you have an interest in leading one of these groups as either the
lead or the vice-lead, please respond under this thread and we'll sort
the various "nominations" out to arrive at a well-represented team
structure based on experience.

Thanks very much.

/Hoff


Mohammad Zaman

unread,
Aug 4, 2010, 12:31:13 PM8/4/10
to cloud...@googlegroups.com
Let me know if I can be of any assistance... Preference in order would be: Provider, Infrastructure, Standards... 

marlin pohlman

unread,
Aug 4, 2010, 3:03:50 PM8/4/10
to cloudaudit
Acting as lead or co-lead on the standards WG would enable me to align
my Cloud Security CM & SA co-chair roles which will have a
certification component as well as my PCI, ISO, ISACA & IEEE
coordination work. Changing hats is easier than asking permission or
granting approval.

Thanks for understanding.
- Marlin

Doug Barbin

unread,
Aug 4, 2010, 4:19:43 PM8/4/10
to CloudAudit
Marlin,

I responded directly to Chris and said the same thing. I ran point on
the last version of the compliance paks but if we have more help
(especially from CSA) I told him I could pitch in somewhere else.

Bottom-line, I could either chair/co-chair this with you or chair the
consumer work group.

Best Regards,
Doug

On Aug 4, 12:03 pm, marlin pohlman <marlin.pohl...@gmail.com> wrote:
> Acting as lead or co-lead on the standards WG would enable me to align
> my Cloud Security CM & SA co-chair roles which will have a
> certification component as well as my PCI, ISO, ISACA & IEEE
> coordination work.  Changing hats is easier than asking permission or
> granting approval.
>
> Thanks for understanding.
> - Marlin
>
> On Wed, Aug 4, 2010 at 8:53 AM, Hoff <infoseceni...@gmail.com> wrote:
> > On our last call, I mentioned that I'd like to consider creating sub-
> > groups within the CloudAudit effort to help focus and distribute tasks/
> > deliverables/workstreams appropriately and allow people to contribute
> > in areas they felt they specialized. Ultimately, these sub-groups
> > would report up to the larger team weekly on our call but would be
> > free to structure their own meeting times.
>
> > We had a good conversation and agreed on a basic organizational
> > structure and terms that Ben Sapiro was kind enough to document here:
>
> >http://groups.google.com/group/cloudaudit/browse_thread/thread/c57e5b...

marlin pohlman

unread,
Aug 4, 2010, 5:03:18 PM8/4/10
to cloud...@googlegroups.com
Lets tag team, together we can streamline the approval and delivery
process and that what this is really about

MP

Douglas Barbin

unread,
Aug 4, 2010, 5:08:23 PM8/4/10
to cloud...@googlegroups.com
There you have it Mr. Hoff.  Consider Marlin and I co-chairs for the standards/compliance pak working groups. 

DB
--
Douglas W. Barbin
dba...@gmail.com
Cell:  (916) 838-9401

Charlton Barreto

unread,
Aug 4, 2010, 4:21:41 PM8/4/10
to cloud...@googlegroups.com
I would like to take on the Infrastructure Chair/Vice Chair role. 
--
Charlton Barreto
mailto:charl...@acm.org
http://charltonb.typepad.com/weblog
mob: +1.650.222.6507
tel: +1.415.692.5396
tel: 0 20 8816 7363

yo.d...@emc.com

unread,
Aug 4, 2010, 5:26:19 PM8/4/10
to cloud...@googlegroups.com

I will be happy to help on the Standards WG.

 

Yo

 

Yo Delmar, MBA, CMC, CISM, CGEIT
Director, Strategic Offer Marketing
___________________
EMC Consulting
EMC Corporation
Mobile: 415 672 7640

Realizing ambitions by bringing information to life.

www.emc.com/consulting

 

 

 

Follow on Twitter: YoDelmar

Read the Blog: http://yogrc.typepad.com/yo_delmars_grc_and_beyond/

Ben Sapiro

unread,
Aug 4, 2010, 10:00:48 PM8/4/10
to CloudAudit
I volunteer for herder or co-herder for the Consumers WG

I nominate George Reese and Sam J for lead mouseketeers of the
Providers WG

On Aug 4, 11:53 am, Hoff <infoseceni...@gmail.com> wrote:
> On our last call, I mentioned that I'd like to consider creating sub-
> groups within the CloudAudit effort to help focus and distribute tasks/
> deliverables/workstreams appropriately and allow people to contribute
> in areas they felt they specialized. Ultimately, these sub-groups
> would report up to the larger team weekly on our call but would be
> free to structure their own meeting times.
>
> We had a good conversation and agreed on a basic organizational
> structure and terms that Ben Sapiro was kind enough to document here:
>
> http://groups.google.com/group/cloudaudit/browse_thread/thread/c57e5b...

alex

unread,
Aug 5, 2010, 8:13:15 AM8/5/10
to CloudAudit

I'm interested in working on the consumer side in some capacity.

On Aug 4, 11:53 am, Hoff <infoseceni...@gmail.com> wrote:
> On our last call, I mentioned that I'd like to consider creating sub-
> groups within the CloudAudit effort to help focus and distribute tasks/
> deliverables/workstreams appropriately and allow people to contribute
> in areas they felt they specialized. Ultimately, these sub-groups
> would report up to the larger team weekly on our call but would be
> free to structure their own meeting times.
>
> We had a good conversation and agreed on a basic organizational
> structure and terms that Ben Sapiro was kind enough to document here:
>
> http://groups.google.com/group/cloudaudit/browse_thread/thread/c57e5b...

Daniel Philpott

unread,
Aug 5, 2010, 10:25:19 PM8/5/10
to cloud...@googlegroups.com
I'm interested in working on the Standards group, seems to be a trend for me lately.

Dan Philpott
Federal Information Security Architect
Phone: 301-825-5722
Email: dan.ph...@gmail.com

versace

unread,
Aug 6, 2010, 9:54:55 AM8/6/10
to CloudAudit
And I'm happy to spend time between the tools and consumer w/gs.
Happy to co-lead the consumer w/g
Mike

On Aug 4, 11:53 am, Hoff <infoseceni...@gmail.com> wrote:
> On our last call, I mentioned that I'd like to consider creating sub-
> groups within the CloudAudit effort to help focus and distribute tasks/
> deliverables/workstreams appropriately and allow people to contribute
> in areas they felt they specialized. Ultimately, these sub-groups
> would report up to the larger team weekly on our call but would be
> free to structure their own meeting times.
>
> We had a good conversation and agreed on a basic organizational
> structure and terms that Ben Sapiro was kind enough to document here:
>
> http://groups.google.com/group/cloudaudit/browse_thread/thread/c57e5b...

Scott C. Sanchez

unread,
Aug 6, 2010, 10:15:32 AM8/6/10
to cloud...@googlegroups.com
I'll raise my hand to co-lead the consumer group

Abhiraj

unread,
Aug 9, 2010, 2:20:54 PM8/9/10
to cloud...@googlegroups.com
Sorry to be a bit late... in responding {was laid off with Jaundice indeed..}.
I am ready to get into rendering the niche of standards... as well as infrastructure too seems fine for me!

Abhiraj

--
'Conquer The World...'


Thanks & Regards,
--
K.S.Abhiraj
Security Research Analyst


Ridhwan

unread,
Aug 9, 2010, 9:29:14 PM8/9/10
to CloudAudit
I will like to work in standards especially in GRC audits
Rizwan
researcher
> '*Conquer The World...*'
>
> Thanks & Regards,
> --
> *K.S.Abhiraj*
> Security Research Analyst- Hide quoted text -
>
> - Show quoted text -

Bhaskar Prasad Rimal

unread,
Aug 10, 2010, 2:40:00 AM8/10/10
to cloud...@googlegroups.com
I am interested to work with Tools team.
Yours Sincerely,
-----------------------------------------------------------
Bhaskar Prasad Rimal
Graduate School of Business IT
Kookmin University
861-1 Jeongneung-Dong, Seongbuk-Gu, Seoul, 136-702, Korea

Gilad Parann-Nissany

unread,
Aug 10, 2010, 4:24:57 AM8/10/10
to cloud...@googlegroups.com
Chris and everyone

Tools seems the right place for me.
Let me know what you need there

Regards
Gilad
__________________
Gilad Parann-Nissany
CEO, Founder
Porticor Cloud Security
http://www.porticor.com/

Mohamed El-Refaey

unread,
Aug 10, 2010, 4:54:08 AM8/10/10
to cloud...@googlegroups.com
Hi,
I can contribute in Providers subgroup.

Regards,
Mohamed El-Refaey

Chet Davis

unread,
Aug 10, 2010, 6:35:34 PM8/10/10
to cloud...@googlegroups.com, CloudAudit

To All,
I don't know if you are looking for any companies like Campbell Soup to be participants in the "Consumers" Working Sub-groups but I am open to volunteering to assist whoever is organizing this sub-committee.

Chet



Chet Davis
Chief Information Security Officer
| Global IT Security
Campbell Soup
| 1 Campbell Place | Camden, NJ 08103 , USA | tel. +1 856 342 5208



Inactive hide details for Hoff ---08/04/2010 11:54:14 AM---On our last call, I mentioned that I'd like to consider creating subHoff ---08/04/2010 11:54:14 AM---On our last call, I mentioned that I'd like to consider creating sub- groups within the CloudAudit e


From:

Hoff <infose...@gmail.com>

To:

CloudAudit <cloud...@googlegroups.com>

Date:

08/04/2010 11:54 AM

Subject:


Proposed Organization of CloudAudit Working Sub-Groups - Nominate someone/yourself...

**********************************************************************
This e-mail and any files transmitted with it may contain 
confidential information and is intended solely for use by 
the individual to whom it is addressed.  If you received
this e-mail in error, please notify the sender, do not 
disclose its contents to others and delete it from your 
system.

**********************************************************************

Hoff

unread,
Aug 10, 2010, 10:02:52 PM8/10/10
to CloudAudit
Chet:

Absolutely. End users in the 'consumers' section is extremely
important.

/Hoff

On Aug 10, 6:35 pm, Chet Davis <chet_da...@campbellsoup.com> wrote:
> To All,
> I don't know if you are looking for any companies like Campbell Soup to be
> participants in the "Consumers" Working Sub-groups but I am open to
> volunteering to assist whoever is organizing this sub-committee.
>
> Chet
>
>  Chet Davis                                                                              
>  Chief Information Security Officer | Global IT Security                                
>  Campbell Soup | 1 Campbell Place | Camden, NJ 08103 , USA | tel. +1 856 342 5208        
>
>   From:       Hoff <infoseceni...@gmail.com>                                                          
>
>   To:         CloudAudit <cloud...@googlegroups.com>                                                
>
>   Date:       08/04/2010 11:54 AM                                                                    
>
>   Subject:    Proposed Organization of CloudAudit Working Sub-Groups - Nominate                      
>               someone/yourself...                                                                    
>
>   Sent by:    cloud...@googlegroups.com                                                            
>
> On our last call, I mentioned that I'd like to consider creating sub-
> groups within the CloudAudit effort to help focus and distribute tasks/
> deliverables/workstreams appropriately and allow people to contribute
> in areas they felt they specialized. Ultimately, these sub-groups
> would report up to the larger team weekly on our call but would be
> free to structure their own meeting times.
>
> We had a good conversation and agreed on a basic organizational
> structure and terms that Ben Sapiro was kind enough to document here:
>
> http://groups.google.com/group/cloudaudit/browse_thread/thread/c57e5b...
>  1A841859.jpg
> 5KViewDownload
>
>  ecblank.gif
> < 1KViewDownload
>
>  graycol.gif
> < 1KViewDownload

vaibhav aher

unread,
Aug 11, 2010, 8:52:09 AM8/11/10
to cloud...@googlegroups.com
I am ready to get into rendering the niche of standards...
Count me in..


--
Vaibhav Aher

Ir0nF1re

unread,
Aug 12, 2010, 10:10:19 AM8/12/10
to CloudAudit

Hi,

I am willing to help with the infrastructure group.

Regards,


Kevin Wharram
Senior Security Consultant
Financial Services Authority

On Aug 4, 4:53 pm, Hoff <infoseceni...@gmail.com> wrote:
> On our last call, I mentioned that I'd like to consider creating sub-
> groups within the CloudAudit effort to help focus and distribute tasks/
> deliverables/workstreams appropriately and allow people to contribute
> in areas they felt they specialized. Ultimately, these sub-groups
> would report up to the larger team weekly on our call but would be
> free to structure their own meeting times.
>
> We had a good conversation and agreed on a basic organizational
> structure and terms that Ben Sapiro was kind enough to document here:
>
> http://groups.google.com/group/cloudaudit/browse_thread/thread/c57e5b...

Andrew Hay

unread,
Aug 18, 2010, 9:35:44 AM8/18/10
to cloud...@googlegroups.com
Put me down for 'tools' as well please.
--
Andrew Hay
email: andre...@gmail.com
office: +1.613.482.0841
mobile: +1.403.849.0429
blog: http://www.andrewhay.ca
twitter: http://twitter.com/andrewsmhay
linkedin: http://www.linkedin.com/in/andrewhay

neth

unread,
Aug 18, 2010, 8:33:52 PM8/18/10
to CloudAudit
Hi,
Providers or tools for me please.
khor

On Aug 5, 12:53 am, Hoff <infoseceni...@gmail.com> wrote:
> On our last call, I mentioned that I'd like to consider creating sub-
> groups within the CloudAudit effort to help focus and distribute tasks/
> deliverables/workstreams appropriately and allow people to contribute
> in areas they felt they specialized. Ultimately, these sub-groups
> would report up to the larger team weekly on our call but would be
> free to structure their own meeting times.
>
> We had a good conversation and agreed on a basic organizational
> structure and terms that Ben Sapiro was kind enough to document here:
>
> http://groups.google.com/group/cloudaudit/browse_thread/thread/c57e5b...

neth

unread,
Aug 19, 2010, 11:05:55 PM8/19/10
to CloudAudit
Hi,
Sorry. I meant providers or consumers or tools.
khor

Colleen

unread,
Aug 19, 2010, 8:41:35 PM8/19/10
to cloud...@googlegroups.com, CloudAudit
I would like to contribute in standards areas.

------------------------------
Colleen Smith

John Menerick

unread,
Aug 25, 2010, 12:09:04 AM8/25/10
to CloudAudit
Count me in for Infrastructure and/or Provider W/G.

John Menerick

Eugene Luster

unread,
Aug 26, 2010, 12:46:00 AM8/26/10
to cloud...@googlegroups.com
Count me in the Standards or tools WG please.
--
v/r,
  Eugene Luster

James Blake

unread,
Aug 26, 2010, 4:47:35 AM8/26/10
to cloud...@googlegroups.com
I am interested in working in the Standards and Consumers working groups.

Regards


James Blake

Jimmy Blake

unread,
Aug 26, 2010, 4:50:10 AM8/26/10
to CloudAudit

gaurav

unread,
Aug 26, 2010, 7:28:57 PM8/26/10
to CloudAudit
I would like to be part of sub group. Can you please list out what sub
groups are in place.


Gaurav

Ben Sapiro

unread,
Aug 29, 2010, 10:36:36 PM8/29/10
to CloudAudit
Hi Gaurav

Have a look here for more details

http://wiki.cloudaudit.org/working-groups
Reply all
Reply to author
Forward
0 new messages