Finally, COSO comes out with its guidance on Risk Management relating to Cloud computing. For so long, risks relating to cloud computing have been in the air.. literally.

COSO guidance enables executives to identify, monitor, and mitigate or accept the risks that come with using cloud computing.

Approaching ERM in the Cloud Computing Paradigm
First and foremost is for companies to establish Cloud Computing Governance Using the COSO Framework. Not only does this make the process more formal and aligned to risk management best practices, but it also ensures the seriousness of cloud computing at the Senior Management level.

Cloud Computing paper addresses and provides recommended risk responses for the following major risks relating to Cloud Computing

-Unauthorized cloud activity
-Lack of transparency
-Security, compliance, data leakage, and data jurisdiction
-Transparency and relinquishing direct control
-Reliability, performance, high-value cyber-attack target
-Vendor lock-in
-Non compliance with disclosure requirements
-Non compliance with regulations

Full paper can be downloaded from the following link:
http://www.coso.org/documents/Cloud%20Computing%20Thought%20Paper.pdf