The US National Institute of Standards and Technology (NIST) has recently published its
Guidelines on Security and Privacy in Public Cloud Computing, which although from the US perspective, provides some useful recommendations as to the practical steps to take in evaluating a potential cloud solution. Although the guidelines do not deal with the legislative requirements of data protection we are required to tackle here in the UK, the Summary of Recommendations at p.51 does provide a useful practical checklist of questions-to-ask and issues-to-consider when looking to adopt a cloud computing provider. The report can be found on the
NIST website.