The traditional, on-premise computing model has established processes, accreditations, certifications, governance and compliance rules – FISMA, NERC CIP, HIPAA, PCI-DSS, IRS 1075. While the security industry is aggressively addressing the technical security gaps in cloud-driven services, many organizations using cloud services are struggling to implement and adapt strategic processes, procedures, and controls for cloud governance and due diligence.