This standard describes the main security risks that cloud computing may face and proposes basic requirements for the security management of cloud computing services adopted by government departments as well as the security management and technical requirements for each stage of the life cycle of cloud computing services.
This standard provides government departments with lifecycle security guidance when using cloud computing services, especially the socialized cloud computing services.It is suitable for government departments to purchase and use cloud computing services, and can also be used for reference by key industries and other enterprises and institutions.
