When swiftly adopting cloud technology, assessing the security of a cloud provider (or even your own data center) can be an afterthought — an undertaking for which you don’t have sufficient time and resources. But cloud providers are responsible for the delivery, availability, and, possibly, recovery of your data. This requires a level of scrutiny that is proportionate to the type of data and services that they’re supplying. This checklist can help you validate your approach to cloud providers’ security and risk management controls by making sure you haven’t overlooked key areas of concern.