Organizations adopting IaaS/PaaS-based programs need to be able to confidently determine what security controls they require based on their unique organizational requirements. This tool follows a custom framework where an organization's cloud risk profile is analyzed to produce unique recommendations under four main categories:
- Completeness of security controls.
- Auditability of those security controls.
- Governability of the program's security.
- Interoperability of the IaaS/PaaS program.
This tool provides digestible security control requirements specific to any organization and allow the safe adoption of IaaS/PaaS programs.