The evaluation guide provides a structure that supports the customer in systematically evaluating a C5 report. This includes the security measures of the cloud provider (and the related audit results), setting up its own user controls for use, and thus being able to assess and manage the risk associated with cloud usage.