Whether considering the procurement of cloud services, migrating the organisation’s existing services onto a cloud delivery model, or delivering a new cloud-based service to your customers it is important to conduct a cloud risk assessment to identify and manage the associated risks.
A cloud risk assessment of the cloud service will help to recognise the project risks and will appropriately feed into the project or organisational risk register to ensure effective risk management and where necessary the implementation of additional security controls.
A cloud risk assessment of the cloud service will help to recognise the project risks and will appropriately feed into the project or organisational risk register to ensure effective risk management and where necessary the implementation of additional security controls.
The Prism Infosec Cloud Security Assessment service includes an initial cloud risk assessment consultation to understand more about your business and its associated threat landscape as well as to explore further your cloud procurement or deployment project. Following that, we will work with your project teams to understand in more detail how the service is designed and implemented, alongside how it will operate and be utilised on an ongoing basis. Our consultants will also determine the nature of the information assets that are being hosted within the cloud environment to incorporate any risks associated with legal or regulatory issues that could affect the service.
The assessment will also be supplemented, where appropriate, with technical security reviews of elements of the cloud service. The nature of the reviews vary dependent on the type of service being assessed, however typical test cases include data separation tests, build reviews, infrastructure and application tests.
We will also identify whether your policies, procedures and any necessary service contracts are sufficiently robust to complement the service’s technical security controls and to ensure effective use of the service.
The service deliverable shall be executive and detailed reports clearly identifying the risks associated with the cloud service and any associated organisational assets, alongside practical, pragmatic, clear and concise recommendations on how to effectively manage them moving forward. Additionally, we will deliver a presentation to executive and/or technical staff on our findings and recommendations.
Email Prism Infosec, complete our Contact Us form or call us on 01242 652100 and ask for Sales to setup an initial discussion.