Hacker attacks on various critical infrastructures in the period 2000-2020 have shown that the application of adequate physical security measures is not enough, but it is necessary to provide protection against attacks in cyberspace. The consequences of such incidents can be financially significant, lead to a loss of customer confidence in the company, and inextreme situations can endanger the environment or lead to human casualties.Using cloud computing, the maintenance and upgrade of computer hardware and software are delegated to a third party. Power system management companies are currently mostly skeptical about connecting smart grids to cloud computing, mainly due to a large amount of sensitive data and a large number of critical processes of public importance. The subject of research of this doctoral dissertation is the methodology ofsecurity risk assessment of the application of the latest achievements in the field of cloud computing in the context of monitoring and management of smart power systems (EES). Here it is important to emphasize the existence of significant differences between the Supervisory Control and DataAcquisition (SCADA) subsystem, which in the scientific and professional literature is often called the “operational subsystem” (Operational Technology – OT), or business subsystem which is often referred to in the relevant literature as “information technology” (IT). In this paper, the focuswill be on the analysis of security risks in the OT subsystem.This topic is important because its thorough analysis can encourage smart power system owners to decide on the step of adopting solutions in the field of cloud computing while maintaining a high level of security and safety.