Cloud Service Level Agreement: A Supplement for NIST 800-171 Implementation

THE IMPORTANCE OF A CLOUD SERVICE LEVEL AGREEMENT (CSLA)This book is not another Cloud Security Theory book, it is a practical and how-to volume for both the Cloud Service Customer (CSC) and Cloud Service Provider (CSP) negotiate the Cloud Service Level Agreement (CSLA) based on defined terms and metrics. This is more than a high-level description of "risks and challenges" involved in entering into a true CSLA. It is a "down in the weeds" approach with nearly 100 specific Service Level Objectives (SLO)-the next level down--with suggested metrics that get you started on Day 1.This book is written to address a vital component of Cloud Security, the Service Level Agreement (SLA). While many of us who work in the cybersecurity agree that the SLA is a critical artifact in determining third-party responsibility for the implementation of security controls, there is very little information in the public arena on what a good SLA consists of. This book is written for that very purpose. If you are writing or reviewing a CSLA or an Information Technology (IT) SLA in general, what are the elements needed to effectively have a good service agreement? What are the kinds of Service Level Objectives (SLO) do you need to manage as a company or agency to ensure your overall shared cybersecurity responsibilities are being met? This book is written to provide a how-to approach to better understand the place and importance of the CSLA.