Resumen
The rapid adoption of cloud computing by organizations, along with the need to comply with relevant IT governance (ITG) controls, has increased the complexity of governance in the cloud. This transition from a classical data center to a virtualized data center has resulted in the reallocation of roles and responsibilities of IT personnel for managing and accounting for the relevant IT controls. With a lack of guidelines or model for practitioners to choose from, with regard to the allocation of roles and responsibilities, there is a lack of clarity on the responsibilities and accountability for these IT controls. The purpose of this paper is to propose a theoretical model for assigning roles and responsibilities for IT controls for an organization operating in a cloud environment. The proposed model is based on a strong theoretical grounding and can be used to inform good practice.