Qualitative Analysis of Cloud Computing Risks and Framework for the Rationalization and Mitigation of Cloud Risks

Maria Azua Himmel, Pace University


Cloud computing is a popular subject across the IT industry, but risks associated with this new technology and delivery model are not yet well understood. This research investigates, in a qualitative fashion, the vectors that contribute to cloud computing risks in the areas of security, business, and compliance. The focus of this research is on the identification of risk vectors that affect cloud computing and the creation of a framework that can help IT managers in their cloud adoption process. Economic pressures on businesses are creating a demand for an alternative delivery model that can provide flexible payments, dramatic cuts in capital investment, and reductions in operational cost. Cloud computing is positioned to take advantage of these economic pressures with low cost IT services and a flexible payment model—but at what risk to the business? Security concerns about cloud computing are heightened and fueled by misconceptions related to security and compliance risks. Unfortunately these security concerns are seldom expressed quantifiably. To bring clarity to cloud computing security, compliance, and business risks, this research focuses on a qualitative analysis of risk vectors drawn from one-on-one interviews with top IT leaders. The qualitative aspect of this research separates facts from unfounded suspicions, and creates a Framework that can help align perceived risks of cloud computing with actual risks. The qualitative research, through interviews with experts, is complemented with a survey to measure risk perceptions about cloud computing using a Likert scale. The decision model and Framework created by this research help rationalize the risk vectors on cloud environments and recommend mitigation strategies to bring the IT industry one step closer to a clearer understanding of the risks-tradeoffs implications of cloud computing environments.

Subject Area

Computer science

Recommended Citation

Himmel, Maria Azua, "Qualitative Analysis of Cloud Computing Risks and Framework for the Rationalization and Mitigation of Cloud Risks" (2012). ETD Collection for Pace University. AAI3520142.



Remote User: Click Here to Login (must have Pace University remote login ID and password. Once logged in, click on the View More link above)