However, 66 per cent of respondents were in favour of an external Cloud certification, with 35 per cent added that the certification should be based only on an agreed-upon standard.

The survey also found that few Australian organisations had sought certifications or done their own security site assessments.

"So, while their greatest fear is losing sight of data in the Cloud, few actually go looking for controls," Trovato said.

"While there is work being done in this area globally, organisations cannot rely on external bodies to address all of the risks associated with Cloud computing," he said.

"The risks are undoubtedly significant and must be managed within an organisation by implementing formal IT risk management procedures."