Cloud Governance: Basics and Practice

  • 3h 47m
  • Meredith Stein, Steven Mezzio, Vince Campitelli
  • De Gruyter Inc
  • 2023

Cloud computing is at the vanguard of the Metaverse-driven digital transformation. As a result, the cloud is ubiquitous; emerging as a mandate for organizations spanning size, sectors, and geographies.

Cloud Governance: Basics and Practice brings to life the diverse range of opportunities and risks associated with governing the adoption and enterprise-wide use of the cloud.

Corporate governance is uniquely disrupted by the cloud; exacerbating existing risks, and creating new and unexpected operational, cybersecurity, and regulatory risks. The cloud further extends the enterprise’s reliance on cloud service providers (CSPs), fueling an urgent need for agile and resilient business and IT strategies, governance, enterprise risk management (ERM), and new skills. This book discusses how the cloud is uniquely stressing corporate governance.

Cloud Governance is a user-friendly practical reference guide with chapter-based self-assessment questions. The chapters in this book are interconnected and centered in a cloud governance ecosystem. This book will guide teachers, students and professionals as well as operational and risk managers, auditors, consultants and boards of directors.

Events around the book

Link to a De Gruyter online event where authors Steven Mezzio & Meredith Stein discuss the interplay of cloud computing and corporate governance functions with Jacqueline de Rojas, president of techUK and chair of the board of Digital Leaders. The event will be moderated by Richard Freeman, founder and CEO of always possible:

  • Practical, user-friendly reference guide appealing to students, business managers, boards, advisors, regulators policy makers, educators, and influencers
  • Practitioner perspective, including real-world examples and self-assessment questions

About the Author

Steven Mezzio, Ph.D. is a results-driven business executive with experience spanning governance, accounting, auditing, financial reporting, Sarbanes-Oxley, COSO / controls, enterprise risk management (ERM), technology, and ESG. Steven is an Associate Dean, Professor of Accountancy and ESG, and Executive Director of the Center for Sustainable Business for the Lubin School of Business at Pace University in NYC. He publishes practice-oriented articles and speaks on a range of topics, including executive education, the cloud, robotics, sustainability, governance, internal controls, auditing, Sarbanes-Oxley, the future of work, and the future of accounting education. Previously, Steven was a Partner with PwC, serving in the Audit Practice, the National Audit Quality Group, and the Governance Advisory Services Practice. He also served as the Global Leader of Governance, Risk, and Compliance Services and Co-Leader of the Key Client Management Group for Resources Global Professionals, a NASDAQ-listed $1 billion company.

Meredith Stein, CPA, has substantial and diverse experience in the domain of governance, including designing, operationalizing, and assessing governance structures, including ERM, COSO / internal controls, and external audits of financial statements. The design and deployment of governance-related executive education and training programs have been central to her various roles. Meredith works for the National Institutes of Health (NIH), a U.S. Federal Government agency. She improves program management and performance by organizing, aligning, assessing, remediating, monitoring corporate and program risk, and ensuring program integrity and compliance. Meredith is also actively involved in governance-related, learning and development initiatives. Previously, Meredith worked for the Pension Benefit Guaranty Corporation. Prior to that, she worked in KPMG’s audit and advisory practices as a manager where she conducted audits and led Sarbanes-Oxley and governance-related consulting projects.

Vincent Campitelli is a practitioner with a specific focus on technology, governance, and risk management. Over the last 10 years, Vincent has focused on developing guidance and best practices for the adoption and use of all models of cloud computing and related emerging technologies such as AI, Big Data, IoT, and Blockchain. Vincent is a consultant to the president of the Cloud Security Alliance (CSA). He serves as an enterprise-wide cloud security specialist internationally, providing support, and advice on all aspects of cloud security, research, education, and practice guidelines. Previously, Vincent was a VP with McKesson Corporation, responsible for the creation, implementation, and centralization of the IT risk management and security function, including the design, development, and delivery of training associated with cloud service providers.

In this Book

  • Foreword
  • Silver Linings: The Fourth Industrial Revolution and the Utopian Promises of Cloud Computing
  • The Dark Side of the Cloud: High-Profile Cyber-Attacks
  • Cloud 101: The Basics of Cloud Computing
  • Cloud Strategy
  • Cloud Performance Management
  • The Basics of Cloud Governance
  • Cloud Computing and the Shared Responsibility Model
  • Cloud Vendors and the Organization’s In-House IT Function
  • Cloud Sprawl, Cloud Inventory and Cloud Management
  • Sustainable Cloud: The Relationship Between the Cloud and ESG
  • Cloud-Driven Change Management and Learning
  • Cloud Risk Management
  • Enterprise Risk Management and the Cloud
  • Security, Trust and the Cloud
  • Incident Response and the Cloud
  • Compliance and the Cloud
  • Internal Auditing and Cloud Computing
  • Third-Party Assurance and the Cloud
  • The Board of Directors: Cloud Governance and Asking the Right Questions
  • Reflections on the Utopian Promises of the Cloud, Wicked Problems and the Metaverse-Driven Future


Rating 5.0 of 3 users Rating 5.0 of 3 users (3)
Rating 4.7 of 41 users Rating 4.7 of 41 users (41)