The Cloud Security Assessment Report Template is to be used to document the Phase 1 assessment of a cloud service provider (CSP) and its cloud services. It details the security assessment findings that should be included and how it should be presented in the report. This improves the consistency of the cloud security assessment reports, allowing cloud consumers to more easily compare CSPs against one another, and to determine which CSP is best suited to their security and business needs.
The Cloud Security Assessment Report Template can be customised as needed to best document the findings from the security assessment of a CSP and its cloud services. Information Security Registered Assessors Program (IRAP) assessors should, however, limit the changes to the report to only what is necessary, maintaining its structure and headings to ensure reports are consistent.