Skip to Main Content
IT Auditing Using Controls to Protect Information Assets, 2nd Edition, 2nd Edition
book

IT Auditing Using Controls to Protect Information Assets, 2nd Edition, 2nd Edition

by Chris Davis, Mike Schiller, Kevin Wheeler
February 2011
Intermediate to advanced content levelIntermediate to advanced
512 pages
15h 37m
English
McGraw-Hill
Content preview from IT Auditing Using Controls to Protect Information Assets, 2nd Edition, 2nd Edition

CHAPTER 14Auditing Cloud Computing and Outsourced Operations

In this chapter, we will discuss key controls to look for when you are auditing IT operations that have been outsourced to external companies, including the following:

• Definitions of cloud computing and other forms of IT outsourcing

• SAS 70 reports

• Vendor selection controls

• Items to include in vendor contracts

• Data security requirements

• Operational concerns

• Legal concerns and regulatory compliance

Background

The concept of outsourcing IT operations to external service providers is not a new one. Companies have been implementing this concept for years, from hosting their applications via an application service provider (ASP), to storing their computer equipment in a co-location ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Legal and Privacy Issues in Information Security, 3rd Edition

Legal and Privacy Issues in Information Security, 3rd Edition

Joanna Lyn Grama
Auditing IT Infrastructures for Compliance, 3rd Edition

Auditing IT Infrastructures for Compliance, 3rd Edition

Robert Johnson, Marty Weiss, Michael G. Solomon

Publisher Resources

ISBN: 9780071742382