Cloud Risk Assessment

When moving to the use of cloud service it is most important to take a risk based approach.  However the process involved is often manual and time consuming; a tool is needed to enable a more rapid and consistent assessment of the risks involved.

This session describes why a risk based approach is needed.  It provides detailed information on the KuppingerCole Cloud Rapid Risk Assessment Tool developed by KuppingerCole to help organizations assess the risks around their use of cloud services together in a rapid and repeatable manner.

 After attending this session you will be able to:

• Explain why a risk based approach to the use of cloud services is needed.
• Explain the inherent risks that the KuppingerCole Cloud Rapid Risk Assessment Tool covers.
• Collect the information needed to use the tool.
• Describe the KuppingerCole Cloud Rapid Risk Assessment Tool.

 Completion of this workshop qualifies for up to 3 Group Learning based CPEs

Who should attend?

This workshop is intended for the people in an organization that are concerned with procuring and assuring cloud services including:

• IT Governance/Compliance/Audit managers
• IT service managers
• IT risk/security managers
• Procurement and Legal managers
• Line of business managers considering cloud services

Detailed Workshop Program

The KuppingerCole Cloud Rapid Risk Assessment Tool is intended to help organizations assess the risks around their use of cloud services and choose the controls that could mitigate these risks.  The tool has a built in database which includes the most important risks in the use of a cloud service, together with their impact and probability.  This provides a starting point that makes it easier for organizations to assess risk by building upon what exists rather than starting from scratch.

This tool uses information collected by the user to determine the relative risk of a specific cloud use case and deployment.  The specified use case is evaluated through the use of a questionnaire which leads the user through the risks.  Each risk can be included or excluded from consideration or given a priority.  For the risks that are included the tool considers the assurances that are provided by the CSP and/or actions taken by the customer to mitigate each risk.  These assurances are used to modify the impact or the probability of the inherent risk.

This workshop uses real life scenarios to demonstrate the use of the KuppingerCole Cloud Rapid Risk Assessment Tool to understand the risks of using a specific cloud service and to ensure that these risks are managed to meet the organization’s risk appetite while obtaining the required business benefits.

Presentation deck

Cloud Risk Assessment

Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.