Cloud Risks & Risks Management

2/2/22, 5:20 PM Assessing Risk in Cloud Computing

https://leocontent.umgc.edu/content/scor/uncurated/cca/2218-cca610/learning-topic-list/assessing-risk-in-cloud-computing.html?ou=622270 1/1

Learning Topic

Assessing Risk in Cloud Computing Risk assessment is the process by which variables are evaluated to determine the amount

and type of risk present. Such assessments are used for decision making as well as for

resource management. Critical components of cloud computing risk assessments include

cataloging and analyzing IT assets, identifying and understanding threats, and determining

any vulnerabilities that might exist.

Risk assessments identify, quantify, and prioritize risks measured against the

organization's tolerance for risk. One mechanism to identify weaknesses is a vulnerability

assessment, which systematically evaluates an environment (hardware or software) to

determine its susceptibility to vulnerabilities that might expose the network or data to

unauthorized access.

Evaluating risks for cloud computing purposes should not be limited to the computer

network environment; the process should also include the people and the physical

environment, both of which can introduce risks. Operational security (OPSEC) focuses on

identifying and protecting critical information that might disclose details that could be

used for the purposes of exploitation, while physical security identifies and protects the

physical environment against unauthorized entry.

© 2022 University of Maryland Global Campus

All links to external sites were verified at the time of publication. UMGC is not responsible for the validity or integrity

of information located at external sites.