O'Reilly logo

Auditing Cloud Computing: A Security and Privacy Guide by Ben Halpert

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Appendix

Cloud Computing Audit Checklist

Jeff Fenton

This appendix contains a high-level audit checklist based on selected key points introduced throughout the book. More detail on each aspect here can be found in the corresponding chapters.

Cloud-Based IT Audit Process (Chapter 2)

img Has the organization applied overall risk management governance to the cloud-provided services? Have relevant risks been identified and treated, including the consideration of insurance where appropriate?

img Has legal counsel been engaged to evaluate provider contracts and address data protection, confidentiality, and intellectual property issues? Have issues such as source code escrow for provided applications been addressed? What if there is a change in control of the cloud provider?

img When an existing, internally hosted system is moved to the cloud, have the controls that were provided internally but are not provided in the cloud been identified? When the system was developed internally and is later moved to the cloud, which controls did developers assume or develop that are not provided in the cloud?

img How ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required