Cloud Computing I
IT Audit
Overview
Cloud computing provides convenient on-demand network access that helps organizations achieve strategic and operational objectives cost-effectively. However, cloud computing also introduces risks and other challenges that need to be managed effectively.
Here are the topics we'll cover.
- Introduction to the Cloud
- Fundamental concepts
- Potential issues moving to the cloud
- Traditional IT vs cloud computing
- Cloud Service Models
- The different types of “as a service”
- Cloud service models: SaaS, PaaS, IaaS and others
- Service delivery characteristics
- Cloud Shared Responsibility Model
- Cloud Deployment Models
- Types, characteristics, and areas of focus: Public, private, hybrid, and others
- Use cases.
- Deployment models and key strategic and operational considerations
- Cloud Adoption: Financial Services
- Top computing trends
- Deployment strategies and barriers
- Myths and facts
- Legal and Regulatory
- Organizational liabilities
- US federal and state security and privacy laws
- EU privacy laws, rights, principles and multi-jurisdictional considerations
- Key cloud privacy, legal and regulatory considerations
- Cyber Liability Insurance
- Key considerations, provisions, costs, and other statistics
- Reasons for cyber liability insurance claim denials
- The responsibilities of the insured and coverage implications
- Trends and important developments
- Cloud Architecture and Technologies
- The cloud ecosystem
- Cloud architecture characteristics, key elements and considerations
- Review of key risks, controls, and audit implications
- Cloud Operations and Management
- Cloud infrastructure: Key considerations and statistics
- Management of cloud components and processes
- Storage considerations
- Clustering, resource scheduling, elasticity, costs, and information management consoles and performance monitoring
- Management and security tools
- Virtualization
- Definitions and architecture,
- Hypervisors: Functionality, key capabilities, and considerations
- Basics of Microservices, Containers, DevOps
- Definitions, types, and characteristics
- Containers: Benefits, deployment considerations, stacking, security
- DevOps: Definition, characteristics, and best practices
- Continuous Integration (CI) and Continuous Delivery (CD) pipeline
- Data in the Cloud
- Building an effective relationship with the cloud service provider (CSP)
- Data ownership and security: Key concepts and practices
- Data archival and destruction
- Legal considerations
- Cloud Migration
- Cloud readiness assessments and evaluation criteria
- Cloud migration implementation strategies and challenges
- Best practices and audit considerations
- Business Continuity (BC) and Disaster Recovery (DR)
- Techniques to manage business continuity risks
- Key success factors, metrics, and strategic options
- Disaster Recovery as a Service (DRaaS) statistics and best practices
- Trends, options, and key audit considerations
- Incident Response in the Cloud
- Key statistics, concepts, and practices
- Incident response management and best practices
- Forensic investigations in the cloud
- Contracts and service level agreements (SLA)
- Shared responsibility risk matrices and incident response preparedness
- Top Threats to Cloud Computing
- Top threats: Types and characteristics
- Key statistics and security trends
- Cloud Controls and Frameworks
- Oversight of third-party service providers
- Cloud controls matrix
- Data security and privacy lifecycle management tools
- Audit considerations: Risks, controls, frameworks, tools and practices
- Cloud Security
- Security objectives and challenges for cloud computing
- Key statistics and implications
- Best practices and emerging technologies
- Risk Management
- The impacts of the cloud on organizations and risk management
- Risk categories: Examples and implications
- Third-party risk management principles, practices, and considerations
- IT Governance for Cloud Computing
- Key elements and challenges for IT cloud governance
- Essential policies and their characteristics
- Cloud governance strategies and recommendations
- Due diligence and assessment key steps
- Entity controls and essential contractual terms
- Audit and Assurance
- Objectives, scope, and challenges
- Key examination areas
Learning Style
Instructor Led
Level
Advanced
Who this course is for
Senior operational and IT auditors, technologists, information security managers, and analysts, audit managers and directors.
NASBA Certified CPE
24 credits
Field of Study
Auditing
Length of course
24h
Prerequisites
None
Advanced Preparation
None
Start Learning Today
Stay ahead of the curve and future-proof your business with training programs designed for you.
Contact SalesHere are the learning objectives we'll cover
- Describe cloud computing types, features, and characteristics.
- Recognize the indicators of effective cloud computing configuration and practices.
- Identify key risks, controls, and audit techniques.
Attendance policy for on-site and online instructor-led training
Students are expected to arrive on time for classes with the proper materials and attitude. An overall attendance rate of 100% is expected to fully absorb the materials and to complete labs. If you have an expected absence, please email support@acilearning.com or your instructor ahead of time. The number of CPEs awarded will be equivalent to the number of hours attended.
ACI Learning is registered with NASBA
ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: https://www.nasbaregistry.org/