There are two categories of risk: internal and external.
Internal Risks
Internal risks arise from inside of the company, and the types can include technology, physical, and people. Examples of each are below:
| Type | Examples |
|---|---|
| Technology | The company's software cannot function in a cloud environment because of a programming error. |
| Physical | The company suffers a fire at its headquarters and loses all physical prototypes of its voting devices. |
| People | A dishonest employee steals the company's plan for migration and publishes it. This erodes public trust and results in contract cancellation. |
External Risks
External risks arise from outside of the company. There are natural factors such as natural disasters and political factors such as new political leadership.
Vendor-Related Risks
Vendor-related risks are a substantial risk for the cloud computing model, and can include vendor insolvency and service outages. In addition, a vendor may choose to arbitrarily discontinue cloud services without notice.
Service-Level Related Risks
In a cloud computing model, your internal information technology organization is not responsible for all aspects of the company's platform. If your cloud computing vendor suffers an outage, your customers suffer as well and you may not have any recourse. This could lead to reduced revenue and leave an unfavorable perception of your organization for customers.