Cloud Computing I

Cloud computing provides convenient on-demand network access that helps organizations achieve strategic and operational objectives cost-effectively. However, cloud computing also introduces risks and other challenges that need to be managed effectively.

Here are the topics we'll cover.

1. Introduction to the Cloud
   • Fundamental concepts 
   • Potential issues moving to the cloud 
   • Traditional IT vs cloud computing 
2. Cloud Service Models
   • The different types of “as a service” 
   • Cloud service models: SaaS, PaaS, IaaS and others 
   • Service delivery characteristics 
   • Cloud Shared Responsibility Model 
3. Cloud Deployment Models
   • Types, characteristics, and areas of focus: Public, private, hybrid, and others 
   • Use cases. 
   • Deployment models and key strategic and operational considerations 
4. Cloud Adoption: Financial Services
   • Top computing trends 
   • Deployment strategies and barriers  
   • Myths and facts 
5. Legal and Regulatory
   • Organizational liabilities 
   • US federal and state security and privacy laws 
   • EU privacy laws, rights, principles and multi-jurisdictional considerations 
   • Key cloud privacy, legal and regulatory considerations  
6. Cyber Liability Insurance
   • Key considerations, provisions, costs, and other statistics 
   • Reasons for cyber liability insurance claim denials 
   • The responsibilities of the insured and coverage implications 
   • Trends and important developments 
7. Cloud Architecture and Technologies
   • The cloud ecosystem 
   • Cloud architecture characteristics, key elements and considerations 
   • Review of key risks, controls, and audit implications 
8. Cloud Operations and Management
   • Cloud infrastructure: Key considerations and statistics 
   • Management of cloud components and processes 
   • Storage considerations 
   • Clustering, resource scheduling, elasticity, costs, and information management consoles and performance monitoring 
   • Management and security tools 
9. Virtualization
   • Definitions and architecture,  
   • Hypervisors: Functionality, key capabilities, and considerations 
10. Basics of Microservices, Containers, DevOps
    • Definitions, types, and characteristics 
    • Containers: Benefits, deployment considerations, stacking, security 
    • DevOps: Definition, characteristics, and best practices 
    • Continuous Integration (CI) and Continuous Delivery (CD) pipeline 
11. Data in the Cloud
    • Building an effective relationship with the cloud service provider (CSP) 
    • Data ownership and security: Key concepts and practices 
    • Data archival and destruction 
    • Legal considerations 
12. Cloud Migration
    • Cloud readiness assessments and evaluation criteria 
    • Cloud migration implementation strategies and challenges 
    • Best practices and audit considerations 
13. Business Continuity (BC) and Disaster Recovery (DR)
    • Techniques to manage business continuity risks 
    • Key success factors, metrics, and strategic options 
    • Disaster Recovery as a Service (DRaaS) statistics and best practices 
    • Trends, options, and key audit considerations 
14. Incident Response in the Cloud
    • Key statistics, concepts, and practices 
    • Incident response management and best practices 
    • Forensic investigations in the cloud 
    • Contracts and service level agreements (SLA) 
    • Shared responsibility risk matrices and incident response preparedness 
15. Top Threats to Cloud Computing
    • Top threats: Types and characteristics 
    • Key statistics and security trends 
16. Cloud Controls and Frameworks
    • Oversight of third-party service providers 
    • Cloud controls matrix 
    • Data security and privacy lifecycle management tools 
    • Audit considerations: Risks, controls, frameworks, tools and practices 
17. Cloud Security
    • Security objectives and challenges for cloud computing 
    • Key statistics and implications 
    • Best practices and emerging technologies 
18. Risk Management
    • The impacts of the cloud on organizations and risk management 
    • Risk categories: Examples and implications 
    • Third-party risk management principles, practices, and considerations 
19. IT Governance for Cloud Computing
    • Key elements and challenges for IT cloud governance 
    • Essential policies and their characteristics 
    • Cloud governance strategies and recommendations 
    • Due diligence and assessment key steps 
    • Entity controls and essential contractual terms 
20. Audit and Assurance
    • Objectives, scope, and challenges 
    • Key examination areas