Cloud Oversight in Financial Services: Understanding Responsibility and Control

Subscriber Content
Screenshot of the first page of Cloud Oversight in Financial Services Understanding Responsibility and Control
By
Randy Armknecht and Noah Kessler, Protiviti Managing Directors

On April 30, 2020, the Federal Financial Institutions Examination Council (FFIEC) issued guidance formalizing effective cloud risk management principles. Many have been highlighted by the CSPs and independent industry organizations, such as the Center for Internet Security (CIS), previously.

Since this is the first formal guidance from the FFIEC on cloud security, we wanted to offer some thoughts on common cloud misconceptions and how internal audit functions can provide assurance on their institutions’ use of cloud computing environments — not only during cloud migration but on an ongoing basis.


Topics
Change Management
Business Continuity Management
Compliance
Financial Services Industry
Internal Audit
Project Management
Cloud Computing

Related Resources

Articles

Moving Finance to the Cloud: What Finance Leaders Need to Know

Articles

Strategies for Reducing Retail Shrink During Challenging Times

Articles

Winning the Finance Talent War: Five Strategies

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It