Risks assessments before using public cloud services
When and how to assess the risks of using public cloud services — including who approves it, sending certain risk documents to the Government Chief Digital Officer (GCDO) and using your risk assessment.
When to assess the risks of using a public cloud service
You need to assess risks when looking for or starting to use services — and when there are significant changes or new risks.
Assess the risks of using a public cloud service
Complete your risk assessment — to help with this, use your answers to the relevant questions in the tool for public cloud services.
Check who can approve the risk level
See your organisation’s policies to know who is authorised to accept risk at each level for an information system.
Send your risk documents to the GCDO
Send your completed questions from the risk assessment tool and signed endorsement form to the Government Chief Digital Officer (GCDO).
Use your risk assessment
Update your organisation’s risk registers and schedule future reviews of your information’s risks and security controls.