{"id":1038,"date":"2015-06-01T21:09:07","date_gmt":"2015-06-02T04:09:07","guid":{"rendered":"https:\/\/www.microsoft.com\/industry\/blog\/uncategorized\/cloud-risk-assessment\/"},"modified":"2023-07-18T09:01:02","modified_gmt":"2023-07-18T16:01:02","slug":"cloud-risk-assessment","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/","title":{"rendered":"Cloud security risk assessment for government"},"content":{"rendered":"<h2 class=\"epgPsSolutionArticleTitle\">Assessing compliance and cloud security risk<\/h2>\n<div class=\"epgPsSolutionArticleDescription\">\n<p>Cloud computing presents many organizations with a dilemma. The cost benefits and flexibility are undeniable but the path to a decision appears thick with uncertainty. In reality cloud computing is just another option available to government organizations\u00a0with different compliance obligations and risk characteristics and it is these which need to be examined systematically in order to arrive at the right outcome for your organization.<\/p>\n<p>Microsoft has developed a structured way for customers to assess various cloud options against each other drawn from the ISO31000 Enterprise Risk Management standard. It is called <i>\u201cAssessing compliance &amp; risk for cloud computing deployments\u201d.<\/i><\/p>\n<p>We provide a set of tools to achieve this that includes the following components downloadable from this page:<\/p>\n<ol>\n<li><b>Field book<\/b> \u2013 A practical field book built on ISO 31000 for compliance assessment and risk-based decision-making in cloud computing. This field book is for both IT and non-IT individuals. No special training is needed and any competent business practitioner should be able to follow the process and achieve a decision.<\/li>\n<li><b>Case study<\/b> \u2013 A detailed worked example based on a fictitious government agency that walks users through a scenario and provides guidance for their own investigations.<\/li>\n<li><b>Excel template<\/b> \u2013 A way for users to record the findings of their own assessment. This includes drop down menus for populating input and color coding for summarizing findings. It is completely open and extensible by users and we have pre-populated 50 of the most common risks.<\/li>\n<li><b><span class=\"VideoClick\">Video<\/span><\/b> \u2013 Listen to Microsoft Australia\u2019s Chief Technology Officer talk about the Cloud Risk Assessment framework, tools and how he positions it with Microsoft partners and customers.<\/li>\n<\/ol>\n<p>Taken together these four\u00a0components will allow a competent program or project manager to investigate multiple cloud alternatives and arrive at the right outcome for your organization. A specialist risk practitioner is not required. Our experience indicates that the assessment should commence using the Field Book to understand the process steps, where to source input, and how to run the investigation. You can then utilize the detailed Case Study as a guide for your own analysis and then populate your results for the risk section into the Excel template.<\/p>\n<p>You are then ready to make a decision!<\/p>\n<h3>Next steps:<\/h3>\n<p><a href=\"http:\/\/office.microsoft.com\/en-au\/business\/office-365-trust-center-cloud-computing-security-FX103030390.aspx\" target=\"_blank\" rel=\"noopener\">The Office 365 Trust Center<\/a><br \/>\n<a href=\"http:\/\/azure.microsoft.com\/en-us\/support\/trust-center\/\" target=\"_blank\" rel=\"noopener\">The Microsoft Azure Trust Center<\/a><br \/>\n<a href=\"http:\/\/www.microsoft.com\/en-us\/dynamics\/crm-trust-center.aspx\" target=\"_blank\" rel=\"noopener\">Microsoft Dynamics CRM Trust Center<\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Assessing compliance and cloud security risk with the right tools for your government organization.<\/p>\n","protected":false},"author":582,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"categories":[1515],"post_tag":[],"content-type":[1483],"coauthors":[4308],"class_list":["post-1038","post","type-post","status-publish","format-standard","hentry","category-government","content-type-thought-leadership","review-flag-1593580416-594"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cloud security risk assessment for government - Microsoft Industry Blogs<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cloud security risk assessment for government - Microsoft Industry Blogs\" \/>\n<meta property=\"og:description\" content=\"Assessing compliance and cloud security risk with the right tools for your government organization.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Industry Blogs\" \/>\n<meta property=\"article:published_time\" content=\"2015-06-02T04:09:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-18T16:01:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/2019\/01\/cropped-microsoft_logo_element.png\" \/>\n\t<meta property=\"og:image:width\" content=\"512\" \/>\n\t<meta property=\"og:image:height\" content=\"512\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Microsoft Industry for Government Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Microsoft Industry for Government Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 min read\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/author\/microsoft-industry-for-government-team\/\",\"@type\":\"Person\",\"@name\":\"Microsoft Industry for Government Team\"}],\"headline\":\"Cloud security risk assessment for government\",\"datePublished\":\"2015-06-02T04:09:07+00:00\",\"dateModified\":\"2023-07-18T16:01:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/\"},\"wordCount\":389,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#organization\"},\"articleSection\":[\"Government\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/\",\"name\":\"Cloud security risk assessment for government - Microsoft Industry Blogs\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#website\"},\"datePublished\":\"2015-06-02T04:09:07+00:00\",\"dateModified\":\"2023-07-18T16:01:02+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cloud security risk assessment for government\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/\",\"name\":\"Microsoft Industry Blogs\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#organization\",\"name\":\"Microsoft Industry Blogs\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png\",\"width\":259,\"height\":194,\"caption\":\"Microsoft Industry Blogs\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cloud security risk assessment for government - Microsoft Industry Blogs","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/","og_locale":"en_US","og_type":"article","og_title":"Cloud security risk assessment for government - Microsoft Industry Blogs","og_description":"Assessing compliance and cloud security risk with the right tools for your government organization.","og_url":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/","og_site_name":"Microsoft Industry Blogs","article_published_time":"2015-06-02T04:09:07+00:00","article_modified_time":"2023-07-18T16:01:02+00:00","og_image":[{"width":512,"height":512,"url":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/2019\/01\/cropped-microsoft_logo_element.png","type":"image\/png"}],"author":"Microsoft Industry for Government Team","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Microsoft Industry for Government Team","Est. reading time":"2 min read"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/author\/microsoft-industry-for-government-team\/","@type":"Person","@name":"Microsoft Industry for Government Team"}],"headline":"Cloud security risk assessment for government","datePublished":"2015-06-02T04:09:07+00:00","dateModified":"2023-07-18T16:01:02+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/"},"wordCount":389,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#organization"},"articleSection":["Government"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/","url":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/","name":"Cloud security risk assessment for government - Microsoft Industry Blogs","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#website"},"datePublished":"2015-06-02T04:09:07+00:00","dateModified":"2023-07-18T16:01:02+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/government\/2015\/06\/01\/cloud-risk-assessment\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/"},{"@type":"ListItem","position":2,"name":"Cloud security risk assessment for government"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/","name":"Microsoft Industry Blogs","description":"","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#organization","name":"Microsoft Industry Blogs","url":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png","width":259,"height":194,"caption":"Microsoft Industry Blogs"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/#\/schema\/logo\/image\/"}}]}},"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Industry Blogs","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/industry\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/posts\/1038"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/users\/582"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/comments?post=1038"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/posts\/1038\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/media?parent=1038"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/categories?post=1038"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/post_tag?post=1038"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/content-type?post=1038"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/industry\/blog\/wp-json\/wp\/v2\/coauthors?post=1038"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}