A fourth Industrial Revolution is underway globally; a digital revolution driven by the rapid, wide-scale deployment of digital technologies, such as in high-speed mobile Internet capabilities, artificial intelligence (AI), and machine learning. Cloud computing is at the vanguard of this disruption and transformation. As a result, organizations of all sizes, sectors, and geographies have substantially and rapidly increased their adoption and use of cloud computing, including reliance on third party cloud service providers (CSPs).
One driver in this proliferation and widespread use of cloud computing is the wide range of unparalleled opportunities provided by the cloud. Such opportunities include streamlining and scaling storage, software, and application support; increasing the speed of data access processing and decision-analytics; more productive customer engagement and empowered employees; reducing costs, such as outsourcing costly and difficult-to-update and -manage in-house IT infrastructure. As a result, organizations of all sizes, geographies, and sectors, are developing their own private cloud or purchasing public cloud services from cloud service providers.
While such potential benefits are compelling, cloud computing disrupts corporate governance. Market intelligence reveals critical data, applications and some important roles and responsibilities for policies, security, IT management are increasingly moving from traditional IT departments internal to the organization to the cloud and to the day-to-day management of third party cloud service providers (CSPs).
As a result, cloud computing is stressing enterprise governance in a number of ways, including further extending the enterprise's reliance on third party service providers, exacerbating existing risks, creating new and unexpected operational, cybersecurity and regulatory risks, and fueling an urgent need for more responsive and resilient enterprise risk management strategies and new skills. This disruptive paradigm is raising concerns and thorny questions from corporate boards, trustees, advisors, managers, regulators, and assurance providers about cloud governance, including strategy, performance, risks, controls, and skills.
In this context, this book brings to life the diverse range of opportunities and challenges associated with governing the deployment and enterprise-wide use of cloud computing from a practitioner perspective. It will be a practical reference guide with chapter-based self-assessment questions and written in a user-friendly manner that should appeal to diversified cohorts of international students, operational and risk managers, boards, auditors, and advisors.
About the Author: Dr. Steven S. Mezzio was appointed Clinical Professor of Practice in Accountancy in the Pace University Lubin School of Business in 2012, designing and teaching undergraduate and graduate courses in Accounting, Auditing, Enterprise Risk Management (ERM), Internal Audit, Governance, and Business Strategy. In 2017, he was appointed Executive Director of the Business School's Center for Excellence in Financial Reporting. He also serves as Executive Education Program development team member for the Cloud Security Alliance; National Instructor for the AICPA COSO Internal Controls Education Certificate Program; Adjunct Professor, Western Colorado University's MBA Program, teaching Sustainability/ESG; UN Global Compact, Sustainability Mindset in Higher Education Working Group Member; Editorial Advisory Board Member, AICPA Journal of Accountancy, and NYSSCPA CPA Journal.
Previously, Mr. Mezzio served as Partner with PriceWaterhouseCoopers (PwC), serving in the Audit practice, was appointed to the National Office Professional Practices Audit Specialist Group, then appointed to the Governance, Risk, Controls, and Internal Audit Consultancy Practice, serving a range of clients spanning industry sectors and international boundaries. He also served on a PwC Executive Education steering committee, collaborating with INSEAD, UVA and UCLA to develop education programs for PwC.
In 2017, Mr. Mezzio earned a Ph.D. in Higher Education and Workplace Learning from New York University (NYU), and holds a Master's degree in Business and Accountancy from the University of Miami, and a Bachelor's degree in Public Accountancy from Pace University. He has published academic research, authored practice-oriented articles and spoken on a range of topics, including executive education, the cloud, robotics, sustainability, governance, controls, auditing, the future of work, and the future of accounting education.
Meredith Stein, CPA, has substantial and diverse experience in the domain of governance, including designing, operationalizing, and assessing governance structures, including enterprise risk management (ERM), internal controls, and external audits of financial statements. The design and deployment of governance-related executive education and training programs have been central to her various roles.
Currently, Ms. Meredith Stein works at the National Institutes of Health (NIH), a U.S. Federal Government agency. She leads three NIH-wide programs: (1) Risk Management Program; (2) Audit Liaison Program for audits performed by the Office of Inspector General and the Government Accountability Office; and (3) Federal Managers' Financial Integrity Act Program (the Federal government equivalent to Sarbanes Oxley for public companies).
Prior to joining NIH, Ms. Stein worked for the Pension Benefit Guaranty Corporation, a Federal government organization that protects pensions of American workers and retirees. Prior to that, Ms. Stein worked as a Manager for KPMG, the public accounting firm, where she led governance-related consulting projects, and designed associated training programs.
Ms. Stein received her undergraduate degree in Accounting from the American University. She is a Certified Public Accountant.
Throughout his career, Mr. Vince Campitelli has been involved in identifying skills necessary to support the innovative functions being created through the adoption and deployment of information technology, including developing and delivering training programs focused on strategy, operations, and governance.
Currently, he serves as consultant to the Office of the President of the Cloud Security Alliance (CSA), a global non-for-profit organization dedicated to creating and sharing best practices to help ensure a secure and properly governed cloud computing environment. Responsibilities include conducting cloud-related research, providing guidance on best practices, designing, developing, and teaching practice-focused executive education and training webinars as well as certification programs associated with adoption, and deployment and governance of cloud computing and cloud service providers (CSPs).
Prior to working with the Cloud Security Alliance, Mr. Campitelli was a Vice-President with McKesson Corporation, a Fortune 12 company devoted to the Healthcare Industry. During his almost ten years with McKesson, Mr. Campitelli was responsible for the creation, implementation, and centralization of the IT risk management and security function dedicated to fulfilling the needs of the numerous business units comprising McKesson. Part of that responsibility included design, development and delivery of training and awareness programs associated with governing third party CSPs.
Mr. Campitelli began his career with PwC, where he served as a Regional Technology Partner for New York and Philadelphia. Mr. Campitelli is a graduate of Penn State University with a degree in Mechanical Engineering and an MBA in Operations Research from The University of Maryland.