Cloud Risk and Governance Services

Due to different reasons such as increasing costs and developing technology, the number of institutions that carry out some or all of their activities thanks to the services they receive from cloud service providers is increasing day by day. This situation highlights the expectations of the institutions in order to meet their business needs by the suppliers, the requirements for the improvement of the related processes and the assurance activities that should be carried out in order to meet these expectations.

Below you can find our services to improve your cloud risk management and governance structure for service users and related processes for service providers:

  • Evaluation, creation and improvement of cloud risk management and governance structure
  • Evaluation, design and improvement of processes and controls regarding cloud usage in line with good practices, internationally accepted framework and standards and legislation
  • Identifying the roles and responsibilities of cloud service providers in processes such as governance, operation, security and continuity regarding information Technologies
  • Evaluating process maturity levels for cloud usage, benchmarking maturity levels and preparing an improvement roadmap
  • Evaluating, creating and improving the cloud usage model and architecture in terms of technology, operation and legislation
  • Risk analysis for cloud service providers and technical evaluation
  • Evaluation, design and improvement of processes and controls regarding the services provided by cloud service providers in line with good practices, internationally accepted framework and standards and legislation
  • Determination of cloud service providers service levels (SLA)
  • Evaluation, design and improvement of processes and controls regarding services provided by cloud service providers in line with good practices, internationally accepted framework and standards and legislation
  • Conducting audits in line with local and international standards such as GDS3402, ISAE3402, SOC-1-2-3 etc. for assurance needs regarding the services provided by cloud service providers
  • Auditing in line with contractual requirements regarding the services provided by cloud service providers
  • Providing evaluation and selection support for cloud service providers

Contact us

Özkan Kıvanç

Özkan Kıvanç

Risk Assurance Services Partner, PwC Turkey

Tel: +90 212 326 6648

Mehmet Zeki Önal

Mehmet Zeki Önal

Information Technologies Risk and Governance Services Leader, PwC Turkey

Tel: +90 212 326 6773

Follow us