This case study examines the Department of Administrative Services (DAS) in the Australian Government, which is transitioning to a "Shared Services" approach using cloud computing. The assignment analyzes the security and privacy risks associated with this migration, particularly focusing on employee data. It identifies existing and new threats, including data breaches, unauthorized access, identity theft, and data corruption, considering the move to SaaS. The study assesses the likelihood, impact, and priority of these risks, proposing preventive actions and contingency plans. The analysis covers various aspects, such as the centralization of data, the use of third-party APIs, and the importance of data security measures. The assignment also discusses the challenges of maintaining data privacy and the need for updated software and secure storage solutions. The case study highlights the need for proactive security measures, employee awareness, and robust infrastructure to mitigate these risks effectively.