The Three C’s of a Quality Cloud Audit

Subscriber Content
Screenshot of first page of The Three C’s of a Quality Cloud Audit
By
Protiviti

As organizations migrate their data centers — servers, software and applications — to the cloud, internal audit (IA) teams must adapt their audit procedures to ensure that compliance and governance controls remain effective regardless of where data resides. Most internal audit teams approach cloud audits as part of an overall IT general controls type audit or perhaps as part of a targeted capabilities audit. With either approach, however, it is important to audit holistically when working in a complex infrastructure.

This article outlines Protiviti's comprehensive cloud audit approach, which is based on leading practices and frameworks created by the CIS.


Topics
Audit Planning
Data Security
Change Management
Cloud Computing
IT Security
Privacy

Related Resources

Articles

Architecting Your Cloud Infrastructure for Failure (and Resilience)

Articles

Beyond Business Continuity Management: Building Resilience for Extreme but Plausible Events in a Post-COVID-19 World

Articles

Cloud Oversight in Financial Services: Understanding Responsibility and Control

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It