Security Guidance for Critical Areas of Focus in Cloud Computing
Section I. Cloud Architecture
Domain 1: Cloud Computing Architectural Framework
Section II. Governing in the Cloud
Domain 2: Governance and Enterprise Risk Management
Domain 3: Legal and Electronic Discovery
Domain 4: Compliance and Audit
Domain 5: Information Lifecycle Management
Domain 6: Portability and Interoperability
Section III. Operating in the Cloud
Domain 7: Traditional Security, Business Continuity and Disaster Recovery
Domain 8: Data Center Operations
Domain 9: Incident Response, Notification, and Remediation
Domain 10: Application Security
Domain 11: Encryption and Key Management
Domain 12: Identity and Access Management
Domain 13: Virtualization