Get our FREE Strategy & Transformation Templates. This is an exclusive promotion being run on LinkedIn.
  This is a partial preview. View large preview.
If you are logged in, your referral link [?] is automatically included below.
EMBED CODE (Copy and Paste)


BENEFITS OF DOCUMENT
  1. Diagnose Cloud Security and Risk Standards projects, initiatives, organizations, businesses and processes using accepted diagnostic standards and practices.
  2. Implement evidence-based best practice strategies aligned with overall goals.
  3. Integrate recent advances in Cloud Security and Risk Standards and process design strategies into practice according to best practice guidelines.

DOCUMENT DESCRIPTION

This Cloud Security and Risk Standards Self Assessment helps you diagnose and address the following issues and questions:

IDS/IPS traffic pattern analysis can often detect or block attacks such as a denial-of-service attack or a network scan. However, in some cases this is legitimate traffic (such as using cloud infrastructure for load testing or security testing). Does the cloud provider have a documented exception process for allowing legitimate traffic that the IDS/IPS flags as an attack pattern?

It is clear that the CSP will face a large number of requests from its customers to prove that the CSP is secure and reliable. There a number of audit and compliance considerations for both the CSP and the customer to consider in cloud computing. First, which compliance framework should a CSP adopt to satisfy its customers and manage its own risks?

In addition to the security of your own customer data, customers should also be concerned about what data the provider collects and how the CSP protects that data. Specifically with regard to your customer data, what metadata does the provider have about your data, how is it secured, and what access do you, the customer, have to that metadata?

IDS/IPS content matching can detect or block known malware attacks, virus signatures, and spam signatures, but are also subject to false positives. If the cloud provider provides IDS/IPS services, is there a documented exception process for allowing legitimate traffic that has content similar to malware attacks or spam?

Security and authentication technologies, allied to event logging, in the cloud computing environment can help auditors as they deal with issues related to workflow were those who entered, approved, changed or otherwise touched data authorized to do so, on an individual, group or role-related basis?

As a CSP undertakes to build out or take a fresh look at its service offerings, the CSP should clearly define its business strategy and related risk management philosophy. What market segments or industries does the CSP intend to serve?

How do you know that a breach has occurred, how do you ensure that the CSP notifies you when a breach occurs, and who is responsible for managing the breach notification process (and costs associated with the process)?

An extra consideration when using cloud services concerns the handling of encryption keys - where are the keys stored and how are they made available to application code that needs to decrypt the data for processing?

Another critical success factor is that appropriate governance needs to be in place. That is, is an appropriate organizational structure in place to manage the organization facing the cloud computing solution?

The Self Assessment tool is built in MS Excel. The above preview showcases an example of a completed version. The secondary document includes a blank template, as well as a detailed 140+ page PDF guide. The guide provides a convenient way to distribute and share among the participants to prepare and discuss the Self Assessment.

Got a question about the product? Email us at [email protected] or ask the author directly by using the form to the right. If you cannot view the preview above this document description, go here to view the large preview instead.

Source: Assessment Dashboard - Cloud Security and Risk Standards Excel document

This document is part of the following Business Toolkit:

Cloud View Details
 

Assessment Dashboard - Cloud Security and Risk Standards

Sold by Gerard Blokdijk (this author has 10 documents)

$79.00

ALL FEES INCLUDED
Add to Cart
  

This business document is categorized under the function(s): Information Technology   Governance, Risk, & Compliance  

It applies to All Industries.

File Type: Excel (xlsx)

File Size: 473.3 KB

Purchase includes lifetime product updates. After your purchase, you will receive an email to download this document.

This product contains a supplemental ZIP document.

Initial upload date (first version): Oct 26, 2017
Most recent version published: Oct 30, 2017

Ask the Author a Question

Must be logged in Click here to log in

Report

SELECT CUSTOMERS

Flevy has provided quality business documents to businesses and organizations of all sizes across the world—in over 60 countries. Below is just a very small sample of our customer base.

VIEW BY


Are you a business professional?
Join Flevy and sell your business documents.

Just as the mobile apps market has helped software developers earn sustainable, passive income, we hope Flevy will do the same for business professionals, like yourself. There's no reason to let your IP collect dust when it can be making you perpetual income.


CUSTOMERS ALSO BOUGHT THESE DOCUMENTS

Get Your Cloud Strategy Right
Listed under:  Information Technology  Strategy, Marketing, & Sales
View more from: Martin Palmgren   Top Flevy Author [?]
170-page PDF document. The "Deliver Business Value with IT" series provides a good overview and actionable material of the ways a CIO can provide valuable and effective support to your company strategy and leverages business model concepts to deliver [read more]
$299.00

Add to Cart View Details

ITIL Unlocked (the missing pieces): Deliver Business Value with IT! - Get your Cloud Strategy Right!
Listed under:  Information Technology  Strategy, Marketing, & Sales
View more from: Martin Palmgren   Top Flevy Author [?]
142-page PDF document and supporting PDF. It is critical to articulate the execution of the Business and subsequently the IT Strategy in to a service strategy. The objective of ITIL is to help IT leaders provide a business view of the IT departments ability to create value and [read more]
$34.99

Add to Cart View Details

How to Evaluate Cloud Migration Initiation
Listed under:  Information Technology  Strategy, Marketing, & Sales
View more from: vskumar
16-slide PowerPoint deck and supporting Word. This presentation has been prepared to elaborate the below areas with live examples/issues/risks on Cloud Conversion Evaluation & Initiation: 1. How to initiate a cloud transformation? 2. How the IT organizations have their current [read more]
$25.00

Add to Cart View Details

Cloud Strategy with Users Scenarios and Business Request
Listed under:  Operations  Strategy, Marketing, & Sales
View more from: stjianga
43-slide PowerPoint deck. The Service Cloud Quick Start Packs will drive efficiencies in the design and development of Service Cloud capabilities, answering client demands to "go faster" when deploying SaaS solutions for customer service and support. The asset [read more]
$100.00

Add to Cart View Details

Assessment Dashboard - Cloud Migration
Listed under:  Information Technology
View more from: Gerard Blokdijk
Excel workbook and supporting ZIP. The Cloud Migration Self-Assessment will make you a Cloud Migration domain expert by: 1. Reducing the effort in the Cloud Migration work to be done to get problems solved 2. Ensuring that plans of action include every Cloud Migration [read more]
$79.00

Add to Cart View Details

Digital Transformation Strategy
Listed under:  Information Technology  Strategy, Marketing, & Sales
View more from: LearnPPT   Top Flevy Author [?]
118-slide PowerPoint deck. Digital Transformation is being embraced by companies across most industries, as the role of technology shifts from being a business enabler to a business driver. Transformation is driven by 6 Technology Trends: - Social Media - [read more]
$89.00

Add to Cart View Details

Project Prioritization Tool
Listed under:  Information Technology  Operations
View more from: Demand Metric   Top Flevy Author [?]
Excel workbook. The Project Prioritization Tool can be used to rank projects based on their company strategic fit, economic impact, and feasibility. The tool works by allowing you to create a rational method to force rank each project where you define and [read more]
$49.95

Add to Cart View Details

IT Strategy
Listed under:  Information Technology
View more from: LearnPPT   Top Flevy Author [?]
30-slide PowerPoint deck. This is a comprehensive document on Information Technology (IT) / Management Information Systems (MIS) Strategy. This document includes IT strategy frameworks, critical success factors, detailed project approach and [read more]
$39.00

Add to Cart View Details

ITIL Service Catalogue Template
Listed under:  Information Technology
View more from: Dartview Consulting   Top Flevy Author [?]
11-page Word document. This document is based on ITIL v3 and provides a template for a detailed Service Catalogue. A Service Catalogue is one of the three elements of an IT Service Providers, Service Portfolio. The Service Portfolio is the complete set of [read more]
$30.00

Add to Cart View Details

Audit Report Model and Sample
Listed under:  Information Technology  Operations
View more from: John Kyriazoglou
26-page Word document. This document "Audit Report: Model and Sample" contains a model of an audit report and a real sample from an IT Audit assignment (data of client not disclosed for privacy and confidentiality issues). This has been used [read more]
$29.00

Add to Cart View Details

What project are you working on?
Cloud?   Balanced Scorecard?   Bain Presentations?   Or something else.
Have a look at our holistic Business Toolkits. We have over 250+ toolkits covering a wide range of business topics.