There are more than technical issues involved with cloud computing. IT managers considering the cloud in any variety or project size must also contend with their corporate culture and with myriad legal, audit, compliance, security, and privacy issues.

Thomas J. Shaw, Esq. addresses these issues and more in a new book, "Cloud Computing for Lawyers and Executives - A Global Approach." The author reports that the book "demystifies cloud computing for those involved in seeking out, assessing, negotiating and approving cloud computing service agreements." Its global approach encompasses examples from around the world as well as inclusion of statutes and rules from more than 50 countries, including seventeen countries in Asia/Pacific.

The book is aimed at leaders and lawyers inside corporations and government, and those who advise them. It addresses the questions of what, why, and when to use cloud computing, "then covers the laws around the world that Cloud Computing services will implicate," according to Shaw. "The book (also) identifies the information security and privacy risks of cloud computing and the appropriate responses to those risks. Responses include utilizing cloud-specific control frameworks, cloud standards, and cloud audit and assessment methodologies."

Other topics covered include the responding to the requirements for preservation and breaches of data and e-discovery in the cloud. But the focal point is understanding how to negotiate a cloud services agreement. The book provides examples of provisions from five cloud computing services contracts with leading providers. It then looks at practical examples of cloud contracts for both large multinational firms and small and medium sized enterprises (SMEs), using each of the three cloud service models (IaaS, PaaS, SaaS). To round out the possible users of the cloud, it then closes with the issues of individual cloud consumers and provides a checklist of steps to take to prepare for the cloud.

Thomas J. Shaw is based in Tokyo, from where he runs the firm CloudRisk Asia. In addition to being an attorney at law, he hold numerous other related professional qualifications that are necessary for performing cloud risk assessments, including CPA, CRISC, CIPP, CISM, ERMP, CISA, CGEIT, and CCSK.

• SAP Executive & UK CIO to Headline SIIA OnDemand Europe, Continent's Premier Conference for Cloud Computing
• AMD Demonstrates Optimum Cloud Computing Platform
• AgilePath and Appistry Announce the Release of Much-Anticipated Cloud Computing Book