For this week’s assignment, you will be creating a cloud risk management plan. Please do not submit a paper; please submit a plan. A plan is defined as an intention or decision about what one is going to do. To this point, I want to know, what’s your plan for managing risks related to the cloud. The plan is how you plan to manage risks related to using a third party cloud vendor. The plan must address the six steps below and include a risk registry. Please note, your risk registry should not be empty.
The NIST document, the attached lecture, and template from the textbook on page 448 will help you frame the plan. Risk management framework is attached for your reference. You may have to research additional information to put the plan together. Here’s a hint: risk = vulnerability x threat x the likely hood of an incident occurring.
Step 1: Categorize Information Systems.
Step 2: Select Security Controls.
Step 3: Implement Security Controls.
Step 4: Assess Security Controls.
Step 5: Authorize Information System.
Step 6: Monitor Security Controls.
It would be best if you have done this assignment before so you know how it needs to be done… thank you.