Betcher, Thomas J.2010-02-242010-02-242010-02-24https://hdl.handle.net/1794/10207This paper was completed as part of the final research component in the University of Oregon Applied Information Management Master's Degree Program [see htpp://aim.uoregon.edu].Although the benefits of cloud computing are well known, safety concerns have received less attention (Rash, 2009). This review of selected literature, published between 2007 and 2009, identifies key IT-related cloud computing risks that should be considered by security practitioners. Three types of cloud computing risks are examined: policy and organizational, technical, and legal. Risk mitigation strategies are also explored, and include audit controls, policies and procedures, service level agreements, and other forms of governance.en-USCloud computingSecurity risk mitigationAudit controlsApplied Information ManagementAIMDataOther