Report a cybercrime, cyber security incident or vulnerability.
Report

What are you looking for?

You can search for keywords to find pages that can help you e.g. scam

Content written for

Small & medium business
Large organisations & infrastructure
Government

This page lists publications on securing the use of cloud computing services.

Blueprint for Secure Cloud

The Blueprint provides better practice guidance, configuration guides and templates covering risk management, architecture and standard operating procedures developed as per the controls in ASD’s Information security manual (ISM).

Cloud assessment and authorisation

This publication is co-designed with industry to support the secure adoption of cloud services across government and industry.

Cloud assessment and authorisation FAQ

This publication provides answers to frequently asked questions on the Australian Signals Directorate (ASD)’s assessment and authorisation framework for cloud service providers (CSPs) and their cloud services.

Cloud computing security for cloud service providers

This publication is designed to assist cloud service providers (CSPs) in offering secure cloud services. It can also assist assessors in validating the security posture of a cloud service, which is often verified through an Infosec Registered Assessors Program (IRAP) assessment of the CSP services.

Cloud computing security for executives

This publication is designed to provide executives from organisations looking to utilise cloud computing services an overview of the components that make up ‘cloud’ and help understand the security risks to be considered when using cloud computing.

Cloud computing security for tenants

This publication is designed to assist an organisation’s cybersecurity team, cloud architects and business representatives to jointly perform a risk assessment and use cloud services securely.

Cloud shared responsibility model: Guidance for individuals and small and medium businesses

This publication is for individuals and small and medium businesses that use or plan to use a cloud service. It explains what the shared responsibility model (SRM) is, and how responsibility for cloud security is shared between you and the cloud service provider (CSP).

Cloud shared responsibility model: Executive guidance

This publication is for executives with cyber security responsibilities in government entities, critical infrastructure and large organisations that use or plan to use a cloud service. This guidance aims to strengthen your understanding of the shared responsibility model (SRM), and potential impacts to your cyber security posture and your governance obligations.
Was this helpful?
Yes this was helpful
No this was not helpful

Thanks for your feedback!

We welcome additional feedback below.

Was this information easy to understand?
Will you take action after reading this?
Did you find the information you were looking for?
Did the design and layout of this page meet your expectations?