Summary of 126 - Conducting Cloud Service Provider IT Security Assessment

Course Description

This course is designed based on the Canadian Centre for Cyber Security (Cyber Centre) Cloud Assessment Program methodology. In this course, you will gain the ability to assess Software as a Service (SaaS) vendors. This course will give you an in-depth understanding of how-to setup an assessment team, the overall methodology to conduct an assessment including evaluating controls, calculating residual risk, and creating IT Security Assessment reports. Information on the Cyber Centre Supply Chain Integrity Program , the Public Services and Procurement Canada (PSPC) Contract Security Program and engaging with the Cyber Centre Cloud Architecture Oversight and Verification team will also be presented.

Course Objectives

The objectives of this course are to ensure that upon successful completion, you will be able to:

  • Identify the overall methodology to conduct an assessment, including roles and responsibilities
  • Determine the role of the Cyber Centre Supply Chain Integrity Program and the PSPC Contract Security Program
  • Conduct a Cloud IT Security Assessment and the residual risk calculations
  • Create an IT Security Assessment Report
  • Describe the role of the Cyber Centre Oversight and Verification team




4 day

Target Audience

Professionals in IT roles, such as IT practitioners, architects and security analysts, project managers, and coordinators, who participate in the conduct of Security Assessment and Authorization (SA&A) assessments or the implementation of cloud service controls.

Recommended Prior Learning

This course assumes participants have previous knowledge in cloud computing, IT Security risk management, and threat risk assessments. This knowledge could be gained by attending course no. 910 - IT Security Risk Management Bootcamp.

Report a problem on this page
Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: