Expansion of a Risk Management Framework for Software as a Service Provider
Keywords:
SaaS, Risk management framework, Security controls
Abstract
The adoption of Software as a Service (SaaS) is becoming prevalent. With its ease of use and cost savings in time and management, many customers are shifting to third-party applications to help them streamline and manage their business processes efficiently and effectively. SaaS providers must ensure that customer data is secure. To effectively manage the risks surrounding a SaaS provider's IT infrastructure, a risk management framework was developed to identify, mitigate and evaluate the potential impact of risks. This framework provided visibility into infrastructure security risks. It mapped the infrastructure of the SaaS provider in compliance with ISO 31000:2018 and the NIST Cybersecurity Framework. The risk management framework helped the SaaS provider better understand the security risks surrounding its SaaS solution. It also helped in the secure deployment of SaaS projects to drive improved user experience and high customer satisfaction. The gap assessment showed the areas where improvement must be made. Additional scenarios and continuous monitoring are needed to avoid a false sense of security.
License
Copyright (c) 2023 TWIST
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.