A basic need for cloud computing services is to provide them with sound "Information Security Risk Management (ISRM)" solutions. The initial essential step toward providing such solutions is to identify a context that deter- mines all security issues. This paper introduces a management framework that targets modularity and comprehensiveness. The framework is based on the structured wide-scope view of Strategy, Technology, Organization, People and Environment (STOPE); and on recent publications related to ISRM by standards, published research work. The outcome of the work would provide a useful context establishment management tool for the future development of ISRM for cloud computing.