Just jotting some thoughts on the names and purposes of the Working
Group (WG) as proposed by Chris - see his pending post about requiring
Chair, Vice Chairs and Read Admirals
Standards - Focuses on enhancing and expanding the compliance packs as
well as collaborating with standards owners (e.g. the PCI council,
Cloud Security Alliance)
Tools - Works with IT GRC [1] tool providers to include Cloud Audit
(the standard) into Commercial Off the Shelf Software - should
interact with Consumers WG and Providers WG
Consumers - Provides end-users (auditors, cloud users) with tools and
documentation to assist in the consumption of Cloud Audit responses
from their Service Providers
Infrastructure - Responsible for building, maintaining and operating
the Cloud Audit infrastructure including facilities for on-behalf
hosting
Providers - Will explore use cases, build tools and documentation for
Cloud Service provider
Note that Consumers and Providers are for the purpose of proliferation
and allowing for focus role specific use cases, over time they should
merge with the Tools WG.
All five (5) WGs should report into the primary CloudAudit group via
the weekly conference call (and other methods)
[1]
http://en.wikipedia.org/wiki/Governance,_risk_management,_and_compliance