involves identifying, assessing, and mitigating potential risks associated with cloud services to protect data and ensure operational continuity.
Risk management
involves determining the appropriate actions to address identified risks, such as accepting, avoiding, mitigating, or transferring them.
Risk response
helps maintain a record of identified risks, mitigation strategies, and actions taken to address them, providing a reference for future risk assessments.
Risk documentation
refers to the potential dependency and difficulty in switching cloud service providers due to proprietary technologies or contractual terms.
Vendor lock-in
is the process of handling and mitigating security incidents or breaches to minimize damage, restore services, and prevent future occurrences.
Incident response
is the process of evaluating potential risks, their likelihood, and their impact on cloud services and data.
A risk assessment
involves shifting the responsibility for potential risks to another party, such as an insurance provider or a cloud service vendor.
Risk transfer
is a comprehensive record or database that captures and tracks identified risks, their associated information, and the status of mitigation efforts.
A risk register
These are documented step-by-step instructions that outline how to perform routine tasks or processes in a consistent and standardized manner.
Standard operating procedures (SOPs)
define the rules and procedures for granting and managing user access to systems, applications, and sensitive data within an organization.
Access and control policies
helps organizations understand potential threats, prioritize mitigation efforts, and make informed decisions to protect their cloud environments.
Assessing risks
This is the decision to acknowledge and tolerate a certain level of risk without taking further action, typically when the associated cost of mitigation outweighs the potential impact.
Risk acceptance
refers to the assignment of responsibility to a specific individual or team for managing and addressing a particular risk in cloud services.
Risk ownership
refers to the structured approach and processes used to plan, coordinate, and implement changes in an organization while minimizing disruption and risk.
Change management
These are guidelines and procedures tailored to address the specific needs, regulations, or requirements of a particular department within an organization.
Department-specific policies
This strategy involves implementing measures to reduce or eliminate risks and their potential impact on cloud services.
Risk mitigation
helps organizations address vulnerabilities and implement controls to reduce the likelihood and impact of security incidents in cloud services.
Risk mitigation
involves evaluating the potential impact and likelihood of identified risks, enabling organizations to prioritize mitigation efforts and allocate resources effectively.
Risk analysis
involves effectively allocating and utilizing organizational resources, such as personnel, equipment, and budget, to meet strategic objectives.
Resource management
refers to the open and effective communication of risks within an organization, ensuring that relevant stakeholders are aware of the risks and their potential impact on cloud services.
Risk transparency
involves continuously assessing and tracking risks in cloud services to ensure that mitigation strategies remain effective.
Risk monitoring
involves effectively conveying information about identified risks, their potential impact, and recommended mitigation strategies to relevant stakeholders.
Risk communication
refers to an organization's willingness to accept a certain level of risk based on its risk appetite and business objectives.
Risk tolerance
guidelines and rules that define how an organization protects its assets, data, and information systems from unauthorized access, breaches, and vulnerabilities.
Security policies
refers to the ability to easily and securely transfer data between different cloud platforms or services.
Data portability