The evaluation of risks on the basis of the probability of their occurrence and the extent of any resulting damage together with the subsequent derivation of suitable measures forms the starting point for operative risk and opportunity management. Examples can be found in risk management standards such as ONR 49000 and ISO 31000. The company management should not simply take over the legal and official requirements on a 1:1 basis, but also implement them with respect to the risks revealed by the quality and management information system. With effect from 2008, Switzerland (as well as other countries) has made the provision of ICS documentation for all social systems mandatory. Its presence must be confirmed by an external auditor.
Cloud computing is the talk of the town and meanwhile becomes understood as solution for many problems and in response to the search for new approaches in IT. But, what does one understand by cloud and cloud computing actually?