1.Separation on Duties
2.Training
3.Authentication and Authorization procedures.
4.Vulnerability assessments
5.Backup and Recovery processes.
6.Logging
7.Data retention control
8.Secure disposal
Technical requirements
1.Creating,accessing,updating,deleting data objects in cloud systems.
2.Moving VMs and virtual appliances between cloud systems.
3.Selecting the best IaaS vendor for private externally hosted cloud system.
4.Tools for monitoring and managing multiple cloud systems.
5.Migrating data between cloud system.
6.Single sign-on access to multiple cloud system.
7.Orchestrated processes across cloud system.
8.Discovering cloud resources.
9.Evaluating SLAs and penalties.
10.Auditing cloud system.