Rana Alosaimi and Mohammad Alnuem, King Saud University, Saudi Arabia

Cloud computing technology has experienced exponential growth over the past few years. It provides many advantages for both individuals and organizations. However, at the same time, many issues have arisen due to the vast growth of cloud computing. Organizations often have concerns about the migration and utilization of cloud computing due to the loss of control over their outsourced resources and cloud computing is vulnerable to risks. Thus, a cloud provider needs to manage the cloud computing environment risks in order to identify, assess, and prioritize the risks in order to decrease those risks, improve security, increase confidence in cloud services, and relieve organizations’ concerns on the issue of using a cloud environment. Considering that a conventional risk management framework does not fit well with cloud computing due to the complexity of its environment, research in this area has become widespread. The aim of this paper is to review the previously proposed risk management frameworks for cloud computing and to make a comparison between them in order to determine the strengths and weaknesses of each of them. The review will consider the extent of the involvement and participation of consumers in cloud computing and other issues.

Cloud Computing; Risk Management & Information Security