The road map is based on four guiding principles:
The first step in the framework is to formulate and communicate a vision for the cloud at an enterprise and business-unit level. The first two principles relate to this vision:
Once the vision is articulated and the risk management organization is in place, the next step in the road map is to ensure visibility of what needs to be done and the risk of doing it. There are three principles related to ensuring visibility. The third step in the cloud computing road map is accountability. In the case study, the business owner works with the operational risk manager to develop a matrix of roles and responsibilities.
This accountability extends to process, architecture and culture