Understanding and Evaluating Cloud Use Enterprise-Wide
Building best practices to support critical enterprise activities
These resources have been developed to address the unique concerns and emerging best practice solutions for outsourcers around security and controls for cloud vendor use. Included are practical recommendations, questions to discuss with cloud providers, and lessons learned for control domains that are cloud-related to:
- Improve ability to detect and respond to cyber-related events.
- Improve accountability in down-chain providers.
- Increase the probability that regulatory compliance will be better documented.
- Improve event investigations outcomes for continuous improvement efforts.
These recommendations may be used in conjunction with Shared Assessments Program Tools and resources, or may be selected and incorporated into other types of audits or assessments of environments containing cloud elements.
To obtain a copy of these papers, please complete the form below. A download link will be sent upon receipt of submission to the email address provided.