MIS 2101 Chapter Notes - Chapter 7: Service-Level Agreement, Environmental Security, Event Management
How to Choose Your Cloud Service Provider
• Selecting the right cloud service provider to trust with your infrastructure, critical
applications and sensitive data can be a difficult process
• Even though many organizations are concerned about data security in the cloud, a
minority of companies perform a comprehensive review of their cloud service providers
before sealing the deal
• Organizations considering a cloud service provider should look for three things:
o Trust
o Technical expertise and understanding
o A third-party compliance audit
• Organizations can use the Unified Certification Standard (UCS) control objectives as a
guide to what they should know about a provider. Control objectives are:
o Provider organization, governance, planning and risk management
o Documented policies and procedures
o Service change management
o Event management
o Logical security
o Change management
o Data integrity
o Physical and environmental security
o Service level agreement
o Client reporting, billing and satisfaction
o Financial health
find more resources at oneclass.com
find more resources at oneclass.com