Risks assessments before using public cloud services
When and how to assess the risks of using public cloud services — including who approves it, sending certain risk documents to the Government Chief Digital Officer (GCDO) and using your risk assessment.
You need to assess risks when looking for or starting to use services — and when there are significant changes or new risks.
Complete your risk assessment — to help with this, use your answers to the relevant questions in the tool for public cloud services.
See your organisation’s policies to know who is authorised to accept risk at each level for an information system.
Send your completed questions from the risk assessment tool and signed endorsement form to the Government Chief Digital Officer (GCDO).
Update your organisation’s risk registers and schedule future reviews of your information’s risks and security controls.
Match your time and effort on risk assessments to the information’s risk and value — here’s why and how.
Utility links and page information