ICT-as-a-service risk assessment guideline
This document provides guidance to support an agency in making informed and evidence-based decisions to either transition an ICT workload (system/application/data) to an as-a-service model (cloud, managed service) or to deliver via an in-house traditional approach.