After a review by KPMG we have published an updated list of IT infrastructure risks. This list contains special subsections for outsourcing, multitenancy and virtualisation related risks.
The 1.1 version of our risk list contains 25 new risks. We would like to thank Mike Chung of KPMG’s IT Advisory department for his contribution to the framework. The risk list is available on http://www.cloudcontrols.org/cloudcontrols/risks/ and is also downloadable in Excel format: Cloudcontrols-2011-11-04-Risk-list-v1.1.xlsx
The next step we will take is the publication of the controls that can be used to counter the risks specified in the risk list.