ABSTRACT
In this chapter, we focus only on the tier 3 security risk related to the operation and use of cloud-based information systems. To prevent and mitigate any threats, adverse actions, service disruptions, attacks, or compromises, organizations need to quantify their residual risk below the threshold of the acceptable level of risk.
