Cloud Service Procurement: Engaging the CISO for a Risk Assessment

Tuesday, May 05 | 5:30PM–6:30PM | Conrad A, Second Floor
Session Type: Professional Development
Everywhere you turn cloud service vendors are enticing colleges and universities with quick implementations and minimal internal support costs, convincing them that "the cloud" is the future. However, time and time again, critical questions are not asked or considered before signing on the dotted line. Is your CISO involved in the procurement process? Who assesses the risk of using these cloud services to store the university's data or integrate it with existing systems? Learn what policies, guidelines, and processes are in place at University of San Francisco to properly assess cloud services before the contract is executed.

OUTCOMES: Learn how to critically assess a contract for cloud services * Understand why information security should be part of the process * Review an assessment framework used by USF


  • Walter Petruska

    Former ISO, University of San Francisco

Resources & Downloads