belgacom cloud computing workshop
DESCRIPTION
Slides from the presentation that I gave to Belgacom in BrusselsTRANSCRIPT
Cloud Computing Workshop with Belgacom
20 June 2012
Agenda
ActivityActivity DurationDurationSpeakersSpeakers
Goal setting and expectationsGoal setting and expectations 10 min10 minKPMG/BelgacomKPMG/Belgacom
Setting the sceneSetting the scene 10 min10 minMike Chung Mike Chung
Best practices telcos and cloud servicesBest practices telcos and cloud services 45 min45 minMike Chung Mike Chung
BreakBreak 10 min10 min--
Demo Cloud Readiness ScanDemo Cloud Readiness Scan 15 min15 minTünde BalintTünde Balint
Rules, regulations and (pre)conditionsRules, regulations and (pre)conditions 35 min35 minJohn Hermans/Mike ChungJohn Hermans/Mike Chung
Determining Belgacom’s need for adviceDetermining Belgacom’s need for advice 25 min25 minBelgacom/KPMGBelgacom/KPMG
Defining steps forward and action itemsDefining steps forward and action items 15 min15 minKPMG/BelgacomKPMG/Belgacom
1: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Goal setting and expectations
Your nameYour nameYour nameYour name
Your function/roleYour function/role
What are your expectations?What are your expectations?
What question(s) would you like to have answered?What question(s) would you like to have answered?
2: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Setting the sceneSetting the scene
3: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Defining the cloud
4: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Into perspective
Ongoing, solid growth in 2012• Microsoft Office 365 at All India Council for Technical Education containing 7.5 million Ongoing, solid growth in 2012• Microsoft Office 365 at All India Council for Technical Education containing 7.5 million
users• Google signs with BBVA to migrate over 100,000 users to GoogleApps• About 40% of CRM software has gone online (Wall street Journal)
users• Google signs with BBVA to migrate over 100,000 users to GoogleApps• About 40% of CRM software has gone online (Wall street Journal)
Evolving partnership ecosystem• HP Cloud with Amazon ECEvolving partnership ecosystem• HP Cloud with Amazon EC• Cisco, VMware, EMC, NetApp partnership• IBM pacts with Cloudera (Hadoop) – also with Siebel• Cisco, VMware, EMC, NetApp partnership• IBM pacts with Cloudera (Hadoop) – also with Siebel
Move towards privacy and security• New data centers in Europe (Verizon/Terremark, HP, Salesforce (planned))• GoogleApps ISO2700x certified
Move towards privacy and security• New data centers in Europe (Verizon/Terremark, HP, Salesforce (planned))• GoogleApps ISO2700x certified
5: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
• Emergence of external private clouds• Emergence of external private clouds
Emergence of telcos
DTAG’s Cloud 7 0 including SAP onlineDTAG’s Cloud 7 0 including SAP onlineDTAG s Cloud 7.0 including SAP onlineDTAG s Cloud 7.0 including SAP online
KPN’s Hybrid cloudKPN’s Hybrid cloudyy
Telenor’s Ibiroda cloud based on MSTelenor’s Ibiroda cloud based on MS
KT’s UcloudKT’s Ucloud
6: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Presumed business case
Telcos own and manage (mobile) networksTelcos own and manage (mobile) networksTelcos own and manage (mobile) networksTelcos own and manage (mobile) networks
Telcos have an existing business client baseTelcos have an existing business client basegg
Telcos have full enterprise solutions portfolioTelcos have full enterprise solutions portfolio
Telcos have enterprise sales capability Telcos have enterprise sales capability
7: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Best practices telcos and cloud servicesBest practices telcos and cloud services
8: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Topics
Sales & marketingSales & marketingSales & marketingSales & marketing
Product portfolioProduct portfoliopp
Building blocks & integrationBuilding blocks & integration
Service & supportService & support
9: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Approach
General market’s viewGeneral market’s viewGeneral market s viewGeneral market s view
Focus on the telecommunication sectorFocus on the telecommunication sector
Specific case regarding two telcosSpecific case regarding two telcos
10: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Sales & marketing: market focus
SMBs vs enterprisesSMBs vs enterprisesSMBs vs. enterprisesSMBs vs. enterprises
National or internationalNational or international
Selected or generalSelected or general
11: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Sales & marketing: unique selling points
PricePricePricePrice
TrustTrust
InnovationInnovation
12: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Sales & marketing: revenue model
Emerging cloud pricing models
Subscription Usage basedFree – Ad Supported
• Still evolving• Primarily for applications
• Primarily for applications• Salesforce.com
• Infrastructure focus• Amazon AWS
Amazon Rackspace AT&T
SMB Focus:À la carte Product & Variable Pricing
Terremark
Enterprise Focus:Custom Built Product & Fixed PricingVs
.• None
Fixe
d • $100/month (One 1.2GHz server, 500 GB bandwidth, 50 GB storage)
• Compute: 10c -$1 2/instance hr*
• Compute: $0.01/compute cycle*bl
e
• Mostly fixed pricing– ~$4000/month for a
starting compute bundle
• Low variable pricing component
• Mostly fixed pricing– $2000/month for a
starting 5GHz compute bundle
• Low variable pricing component$1.2/instance hr
• Bandwidth: $0.10 -$0.17/GB
• Storage: $0.10/GB month
cycle• Bandwidth: $0.25/GB• Storage: $0.5/GBVa
riab component component
– $425/Ghz month added capacity
13: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Product portfolio: overview
2003-20042003-2004 2007-20082007-2008 2009-20102009-2010 2011-present 2011-present
BT Open Orchard T-Systems Dynamic
Telstra T-Suite
NTT Business Security Telia Sonera Business
Vodafone Cloud Services SK Telecom T-bizpoint
Software as a Service (SaaS)
Software as a Service (SaaS)
T-Systems Dynamic Services
T-Suite Orange IT Plan
Telia Sonera Business Class Cloud Services
Telefónica Aplicateca Softbank White Cloud T-Systems ERP on-
demand
Platform as a Service (PaaS)
Platform as a Service (PaaS)
T-Systems (Database and Middleware Environments)
SK Telecom Cloud Computing Platform
AT&T Telstra KT Ucloud
AT&T Synaptic Hosting Orange Flexible computing
BT Virtual Data Center
Telecom Italia NTT IaaS Telefónica (T-Cloud)
Infrastructure as a Service
(IaaS)
Infrastructure as a Service
(IaaS)
BT Virtual Data Center Verizon Computing as a
Service AT&T Synaptic Storage
and Compute Telefónica: Cloud
Storage & Virtual Data
Telefónica (T Cloud) KPN Hybrid Cloud
14: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
gCenter
Product portfolio: different concepts
Proprietary services vs partnershipsProprietary services vs partnershipsProprietary services vs. partnerships Proprietary services vs. partnerships
Development or acquisitionDevelopment or acquisitionp qp q
Reselling or value-added servicesReselling or value-added services
15: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Product portfolio: scope of services
Integration/aggregation servicesIntegration/aggregation servicesIntegration/aggregation servicesIntegration/aggregation services
SaaS, PaaS, IaaSSaaS, PaaS, IaaS, ,, ,
Private vs publicPrivate vs public
16: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Product portfolio: partnerships
Reselling of cloud servicesReselling of cloud servicesReselling of cloud servicesReselling of cloud services
ConsultancyConsultancyyy
Technology partnershipsTechnology partnerships
17: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Product portfolio: ecosystem of cloud
Cloud service vendors Cloud service integratorsCloud enablers
Provide the actual cloud services spanning SaaS
Provide cloud focused technology services such as
Provide the technology,
Value added
services, spanning SaaS, PaaS and IaaS, to customers
technology services such as system integration, cloud migration and maintenance
infrastructure, platforms and Middleware to enable provision of cloud services
H/W and S/W vendors IT & Services players (HW & SW vendors / IT distributors)
Integrators
ExamplesPure Cloud players (e-commerce, Internet giants, Hosting companies)
TelcosTelcos
18: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Product portfolio: example of candidates
System Integrators
Example Partner Candidates by Area of Expertise
Applications
y g
Application Development Platform
Infrastructure Platform Software
O S
Virtualization Software
Hardware
Operating System
19: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Building blocks & integration: areas of concern
Identity & Access ManagementIdentity & Access ManagementIdentity & Access ManagementIdentity & Access Management
Network integrationNetwork integrationgg
Backend services integrationBackend services integration
20: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Building blocks & integration: architecture
Organization Other Cloud Customers
Users
Services
Users
Internet or LAN Internet
Organizations Internal IT Service providerService provider Service provider
Hardware, software + data
Managed hostingPrivate-External
Hardware, software + data
Third-Party Vendor (Multi-Tenant)Public
Hardware, software + data
Internal Data CenterPrivate
Hardware, software + data
Combined Public + Private CloudHybrid
21: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Building blocks & integration: technology 1/2
CloudMultiple
authentication
IT function of CSPat
ion
Cloud ServiceCloud
Service
Cloud Service
PUBLIC CLOUD
authentication methods
MultipleCSPBusiness Service
Business ServiceVi
rtua
liza Service Cloud
Service
Multiple API
Multiple software
i
PRIVATE CLOUDOff-premiseCloud
versions
Hypervisor solutions –controlled in a unified
a
Unified data li i
Business Service
Service
Cloud Service
waypolicies and
security measures
22: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Building blocks & integration: technology 2/2
Client
Multiple authentication methods (e.g. diff t AD
Load estimates
Message Client A
different AD trees)
How to assure SSO?
Different ft
estimates
Monitoring
queues
IT function of CSP
Business Service
Business ServiceVi
rtua
lizat
ion
Client B
softwareversions
Legacy applications
Data migration &
Old data which
Payment model
Client C
migration & different
data types
needs to be moved
Interfacesbetween in-house and
Backup/ restore
and failover
I f ti
Client D
cloud part of the application
Information security
23: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Service & support: main topics
Cloud service advisory and consultancyCloud service advisory and consultancyCloud service advisory and consultancyCloud service advisory and consultancy
Customer supportCustomer supportpppp
Technical supportTechnical support
24: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Service & support: service integrator model
The Business
IT Risk Management• Risk identification and
analysis across different CSPs
• Risk library
IT Risk Manager
Service Owner
Service Ownership:• Single Point of Contact
with the Cloud Service Providers (CSP) & IT
• Demand Capture• Services Standards • Risk library
• Vendor/CSP Audits
IT Finance Management
VendorManager
• Services Standards• Service Level
Monitoring
Vendor Management:
IT Finance Manager
Management• Business case• Service Costing and
Chargeback• SLA penalty-bonus
calculationRackspaceGoogle
Internal IT O i ti
Vendor Management:• Vendor certification• Contract Negotiations
GoogleAmazon Web Services
Organization(retained IT Services)
25: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Summary
Emergence of telcosEmergence of telcos
Sales & marketingSales & marketing
Emergence of telcosEmergence of telcos
gg
Product portfolioProduct portfolio
Building blocks & integrationBuilding blocks & integration
Service & supportService & support
26: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
10 minutes break10 minutes break
27: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Demo Cloud Readiness ScanDemo Cloud Readiness Scan
28: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Cloud Readiness Scan: overview
CSP1
CSP2
People
or C
loud
CSP3
Process
ness
Stra
tegy
fo
TechnologyFinancial
Risk& Regulatory
CSP4Technology
Bus
in
Operational
Business requirements
Delivering Cloud solutions
Technology
1 3IT function requirements2
29: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
requirements solutions1 3requirements2
Cloud Readiness Scan: for providers
• Need to determine which part of the organization (which application) can be migrated to the cloud• Take into account different areas:
• Assess what needs to change to be able to adopt a service from a given cloud provider• Assess the integration efforts• Assess the integration efforts
30: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Cloud Readiness Scan: a global effort
31: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Demo
32: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Rules, regulations and (pre)conditionsRules, regulations and (pre)conditions
33: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Overview of (perceived) risks
Finance & Tax• Movement from CapEx to OpEx model • Tax considerations• ROI and cost/benefit analysis of cloud model
Finance & Tax• Movement from CapEx to OpEx model • Tax considerations• ROI and cost/benefit analysis of cloud model
Security
Security and Privacy• No control over critical security areas• Weak logical access controls• Legal jurisdiction over data
Security and Privacy• No control over critical security areas• Weak logical access controls• Legal jurisdiction over data
Security and
Privacy
OperationsFinance & Tax
BUSINESS CHALLENGES
& Tax Operations• Redundant roles and skills • Rapid change of the organization • Business resiliency impact
Operations• Redundant roles and skills • Rapid change of the organization • Business resiliency impact
Vendor Management• Ownership of responsibilities• Standards for interoperability• Reliance on the vendor
Vendor Management• Ownership of responsibilities• Standards for interoperability• Reliance on the vendor
IT
Regulatory d
Vendors
Information Technology• External access of the Data Center• Bypass of the IT for technology solutions• Change of the IT paradigm
Information Technology• External access of the Data Center• Bypass of the IT for technology solutions• Change of the IT paradigm
and Compliance
Regulatory and Compliance• Cloud provider’s compliance with regulations• Complexity of records management/records
retention
Regulatory and Compliance• Cloud provider’s compliance with regulations• Complexity of records management/records
retention
34: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
• Independent silo of information• Independent silo of information• Lack of industry standards and certifications• Lack of industry standards and certifications
Compliance: customer side
Laws and directivesLaws and directivesLaws and directivesLaws and directives
Internal control standards Internal control standards
Sector specific regulations Sector specific regulations
35: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Compliance: main questions
Enterprise requirements
concerning data
Enterprise requirements
concerning data
Enterprise IT controls setEnterprise IT controls set
What should the methodology to keep the controls up-to-date?
What should the methodology to keep the controls up-to-date?
Are our controls still valid and what need to be actualised?
Are our controls still valid and what need to be actualised?
RFPRFP
Contracts &
SLA
Contracts &
SLAAssuranceAssurance
How can assurance be obtained; statements be tested?
How can assurance be obtained; statements be tested?What should be the process toWhat should be the process to
-RFP- Negotiations
-RFP- Negotiations
SLAsSLAsWhat should be the process to include these controls in each
contract/SLA?
What should be the process to include these controls in each
contract/SLA?
- (Right-to-) Audit- (Realtime) Monitoring
-Periodical assurance reports
- (Right-to-) Audit- (Realtime) Monitoring
-Periodical assurance reports
Implemented controls in IT environment
Implemented controls in IT environment
36: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Compliance: mode of assurance
Enterprise requirements
concerning data
Enterprise requirements
concerning data
Traditional mode Future mode
Enterprise IT controls set
Enterprise IT controls set
gg
Controls for on-premises ITControls for on-premises IT
Static controls setStatic controls set
Controls included for cloud and mobile services
Controls included for cloud and mobile services
Dynamic controls setDynamic controls set
Contracts &
Contracts &
Shell-specific quality statements
Shell-specific quality statements
AssuranceAssurance
Standardised quality statements
Standardised quality statements
-RFP- Negotiations
-RFP- Negotiations
& SLAs
& SLAs
Custom-fit monitoring and logging
Custom-fit monitoring and logging
AssuranceAssuranceRight-to-auditRight-to-audit
Standardised monitoring and logging
Standardised monitoring and logging
Limited right-to-auditLimited right-to-audit
- (Right-to-) Audit- (Realtime) Monitoring
- (Right-to-) Audit- (Realtime) Monitoring
Implemented controls in IT environment
Implemented controls in IT environment
gg ggg g
Dedicated IT resourcesDedicated IT resources
On-premise data processing & storage
On-premise data processing & storage
gg ggg g
Shared IT resourcesShared IT resources
External data processing & storage
External data processing & storage
-Periodical assurance reports-Periodical assurance reports
37: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Security and privacy
38: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Security risk profile
Data processing and storage
On-premise Off-premise
Resource use Single-tenant Multi-tenant
Primary network LAN (Public) internetyinfrastructure
( )
Cl dOn-premise IT SSC Hosting Outsourcing Cloud computing
39: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Compliance: trust
ReputationReputationReputationReputation
GuaranteeGuarantee
AssuranceAssurance
40: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
KPMG’s track record: framework development
• ISO 27017 Working Group• ISO TC68 Financial Services Security subcommittee and working groups• ISO 27017 Working Group• ISO TC68 Financial Services Security subcommittee and working groups• ISO TC68 Financial Services Security subcommittee and working groups• ISO SC27 Information Security working groups• BITS Shared Assessments Cloud Working Group• ISACA Cloud Working Group
• ISO TC68 Financial Services Security subcommittee and working groups• ISO SC27 Information Security working groups• BITS Shared Assessments Cloud Working Group• ISACA Cloud Working Group• ISACA Cloud Working Group• IETF DNS Security working group• CA/Browser Forum• ANS X9 Financial Services Security board and working groups
• ISACA Cloud Working Group• IETF DNS Security working group• CA/Browser Forum• ANS X9 Financial Services Security board and working groups• ANS X9 Financial Services Security board and working groups• Identity Theft Prevention and Identity Management Standards Panel (IDSP)• AICPA/CICA Trust Services Task Force
AICPA/CICA Pri ac Task Force
• ANS X9 Financial Services Security board and working groups• Identity Theft Prevention and Identity Management Standards Panel (IDSP)• AICPA/CICA Trust Services Task Force
AICPA/CICA Pri ac Task Force• AICPA/CICA Privacy Task Force• AICPA/CICA WebTrust for CAs Task Force• NOREA
• AICPA/CICA Privacy Task Force• AICPA/CICA WebTrust for CAs Task Force• NOREA
41: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
KPMG’s track record: cloud audits
KPMG provides assurance services to providers
KPMG provides assurance services to providers
KPMG provides assurance advisory services to Fortune 500
enterprises
KPMG provides assurance advisory services to Fortune 500
enterprises
To be shown on demand
42: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Summary
Laws and directivesLaws and directivesLaws and directivesLaws and directives
Internal control standards Internal control standards
Sector specific regulations Sector specific regulations
KPMG’s track recordKPMG’s track record
43: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
Contacts
John A.M. HermansPartner KPMG Risk ConsultingKPMG Advisory N.V.
drs. Mike Chung RE Senior ManagerIT Advisory - KPMG Advisory N.V.
Laan van Langerhuize 11186 DS AmstelveenPA: +31 20 6568131Mobile: +31 6 51366389
Laan van Langerhuize 11186 DS AmstelveenDirect Line: +31 (0) 20 656 4034Mobile :+31 (0) 61 455 9916Mobile: +31 6 51366389
[email protected] :+31 (0) 61 455 9916 [email protected]
44: © 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium
© 2012 KPMG Advisory, a Belgian civil CVBA/SCRL and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. Printed in Belgium.
The KPMG name, logo and “cutting through complexity” are registered trademarks or trademarks of KPMG International Cooperative (“KPMGtrademarks or trademarks of KPMG International Cooperative ( KPMG International”).