Cloud Security Policy June 2018

This Policy provides an overview of cloud computing and the security and privacy challenges involved. The document discusses the threats, technology risks, and safeguards for cloud environments, and aspires to provide the insight needed to make ICT decision makers take informed decisions by providing tools such as a detailed questionnaire that can be used to assess and evaluate the cloud service provider (CSP) offerings. This document applies to all State Agencies in the Qatari government that use or are planning to use cloud-computing services. This document can also be considered as a security guide to the entire ICT sector in the state of Qatar.