Cloud Computing I

IT Audit

Overview

Cloud computing provides convenient on-demand network access that helps organizations achieve strategic and operational objectives cost-effectively. However, cloud computing also introduces risks and other challenges that need to be managed effectively.

Here are the topics we'll cover.

  1. Introduction to the Cloud
    • Fundamental concepts 
    • Potential issues moving to the cloud 
    • Traditional IT vs cloud computing 
  2. Cloud Service Models
    • The different types of “as a service” 
    • Cloud service models: SaaS, PaaS, IaaS and others 
    • Service delivery characteristics 
    • Cloud Shared Responsibility Model 
  3. Cloud Deployment Models
    • Types, characteristics, and areas of focus: Public, private, hybrid, and others 
    • Use cases. 
    • Deployment models and key strategic and operational considerations 
  4. Cloud Adoption: Financial Services
    • Top computing trends 
    • Deployment strategies and barriers  
    • Myths and facts 
  5. Legal and Regulatory
    • Organizational liabilities 
    • US federal and state security and privacy laws 
    • EU privacy laws, rights, principles and multi-jurisdictional considerations 
    • Key cloud privacy, legal and regulatory considerations  
  6. Cyber Liability Insurance
    • Key considerations, provisions, costs, and other statistics 
    • Reasons for cyber liability insurance claim denials 
    • The responsibilities of the insured and coverage implications 
    • Trends and important developments 
  7. Cloud Architecture and Technologies
    • The cloud ecosystem 
    • Cloud architecture characteristics, key elements and considerations 
    • Review of key risks, controls, and audit implications 
  8. Cloud Operations and Management
    • Cloud infrastructure: Key considerations and statistics 
    • Management of cloud components and processes 
    • Storage considerations 
    • Clustering, resource scheduling, elasticity, costs, and information management consoles and performance monitoring 
    • Management and security tools 
  9. Virtualization
    • Definitions and architecture,  
    • Hypervisors: Functionality, key capabilities, and considerations 
  10. Basics of Microservices, Containers, DevOps
    • Definitions, types, and characteristics 
    • Containers: Benefits, deployment considerations, stacking, security 
    • DevOps: Definition, characteristics, and best practices 
    • Continuous Integration (CI) and Continuous Delivery (CD) pipeline 
  11. Data in the Cloud
    • Building an effective relationship with the cloud service provider (CSP) 
    • Data ownership and security: Key concepts and practices 
    • Data archival and destruction 
    • Legal considerations 
  12. Cloud Migration
    • Cloud readiness assessments and evaluation criteria 
    • Cloud migration implementation strategies and challenges 
    • Best practices and audit considerations 
  13. Business Continuity (BC) and Disaster Recovery (DR)
    • Techniques to manage business continuity risks 
    • Key success factors, metrics, and strategic options 
    • Disaster Recovery as a Service (DRaaS) statistics and best practices 
    • Trends, options, and key audit considerations 
  14. Incident Response in the Cloud
    • Key statistics, concepts, and practices 
    • Incident response management and best practices 
    • Forensic investigations in the cloud 
    • Contracts and service level agreements (SLA) 
    • Shared responsibility risk matrices and incident response preparedness 
  15. Top Threats to Cloud Computing
    • Top threats: Types and characteristics 
    • Key statistics and security trends 
  16. Cloud Controls and Frameworks
    • Oversight of third-party service providers 
    • Cloud controls matrix 
    • Data security and privacy lifecycle management tools 
    • Audit considerations: Risks, controls, frameworks, tools and practices 
  17. Cloud Security
    • Security objectives and challenges for cloud computing 
    • Key statistics and implications 
    • Best practices and emerging technologies 
  18. Risk Management
    • The impacts of the cloud on organizations and risk management 
    • Risk categories: Examples and implications 
    • Third-party risk management principles, practices, and considerations 
  19. IT Governance for Cloud Computing
    • Key elements and challenges for IT cloud governance 
    • Essential policies and their characteristics 
    • Cloud governance strategies and recommendations 
    • Due diligence and assessment key steps 
    • Entity controls and essential contractual terms 
  20. Audit and Assurance
    • Objectives, scope, and challenges 
    • Key examination areas 

Learning Style

Instructor Led

Level

Advanced

Who this course is for

Senior operational and IT auditors, technologists, information security managers, and analysts, audit managers and directors.

NASBA Certified CPE

24 credits

Field of Study

Auditing

Length of course

24h

Prerequisites

None

Advanced Preparation

None
Start Learning Today
Stay ahead of the curve and future-proof your business with training programs designed for you.
Contact Sales

Here are the learning objectives we'll cover

  • Describe cloud computing types, features, and characteristics.
  • Recognize the indicators of effective cloud computing configuration and practices.
  • Identify key risks, controls, and audit techniques.

Attendance policy for on-site and online instructor-led training

Students are expected to arrive on time for classes with the proper materials and attitude. An overall attendance rate of 100% is expected to fully absorb the materials and to complete labs. If you have an expected absence, please email support@acilearning.com or your instructor ahead of time. The number of CPEs awarded will be equivalent to the number of hours attended.

ACI Learning is registered with NASBA

ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: https://www.nasbaregistry.org/