As you are creating a list of questions for information security, what questions should you ask? Here is a list from Net Security from Creating a cloud security policy.
Perhaps a differentiation is the level of the organisation such as small business vs corporate. These considerations mainly apply to corporate organisations.
