The Three C’s of a Quality Cloud Audit
Subscriber Content
Cloud Assurance Triple Check: Completeness, Compliance and Cybersecurity in Auditing
As organizations migrate their data centers — servers, software and applications — to the cloud, internal audit (IA) teams must adapt their audit procedures to ensure that compliance and governance controls remain effective regardless of where data resides. Most internal audit teams approach cloud audits as part of an overall IT general controls type audit or perhaps as part of a targeted capabilities audit. With either approach, however, it is important to audit holistically when working in a complex infrastructure.
This article outlines Protiviti's comprehensive cloud audit approach, which is based on leading practices and frameworks created by the CIS.