Risk Guidelines

Entities such as the National Institute of Standards and Technology (NIST), International Organization of Standards (ISO), the US Department of Defense, and the US Government Accountability Office produce guidelines for managing risk in cloud environments. These guidelines may contain analysis of risk vectors and recommended mitigation measures.

Resources

The ISO 31000 Standard Risk Management: Principles and Guidelines
NIST Security and Privacy Controls: Fundamentals and Procedures
Federal Risk and Authorization Management Program (FedRAMP)
Risk Management with ISO 31000