The European Network and Information Security Agency (ENISA), which was set up by the EU to carry out very specific technical and scientific tasks in the field of Information Security has published a practical guide about the procurement and governance of cloud services. Although, the guide focuses on the public sector, the content covered such as, service availability and continuity makes it also applicable to private entities wishing to enhance their knowledge about which methods and indicators can be used in SLAs. IT officers, IT security officers, procurement officers and service managers interested in cloud services are presented with the security aspects of cloud or other outsourced IT services.
What kind of data, assessments, reports, and information do customers require from their cloud service providers? The guide defines Service availability, Incident response, Service elasticity and load tolerance, Data life-cycle management, Technical compliance and vulnerability management, Change management, Data isolation and Log management and forensics.
Download the full guide from here – https://www.enisa.europa.eu/activities/application-security/test/procure-secure-a-guide-to-monitoring-of-security-service-levels-in-cloud-contracts/at_download/fullReport