This session will discuss roles and responsibilities of the application owner, corporate IT, corporate security and cloud providers. We would also discuss the role corporate IT can play in establishing frameworks and 3rd party governance which would automate good security and reporting practices. The goal of IT and security professionals should be to incorporate security into self-service processes and make it responsibility of everybody involved in consuming cloud services.