Organizations adopting IaaS/PaaS-based programs need to be able to confidently determine what security controls they require based on their unique organizational requirements. This tool follows a custom framework where an organization's cloud risk profile is analyzed to produce unique recommendations under four main categories:
- Completeness of security controls.
- Auditability of those security controls.
- Governability of the program's security.
- Interoperability of the IaaS/PaaS program.