Risk Assessment Method of Cloud Environment


  • Martin Zbořil Prague University of Economics and Business, Faculty of Informatics and Statistics, 130 67 Prague, Czech Republic




Cloud computing, cloud services, security, risk assessment, method, case study


Cloud technology usage in nowadays companies constantly grows every year. Moreover, the COVID-19 situation caused even a higher acceleration of cloud adoption. A higher portion of deployed cloud services, however, means also a higher number of exploitable attack vectors. For that reason, risk assessment of the cloud environment plays a significant role for the companies. The target of this paper is to present a risk assessment method specialized in the cloud environment that supports companies with the identification and assessments of the cloud risks. The method itself is based on ISO/IEC 27005 standard and addresses a list of predefined cloud risks. Besides, the paper also presents the risk score calculation definition. The risk assessment method is then applied to an accounting company in a form of a case study. As a result, 24 risks are identified and assessed within the case study where each risk included also exemplary countermeasures. Further, this paper includes a description of the selected cloud risks.


Download data is not yet available.




How to Cite

Zbořil, M. (2022). Risk Assessment Method of Cloud Environment. COMPUTING AND INFORMATICS, 41(5), 1186–1206. https://doi.org/10.31577/cai_2022_5_1186