CPE Credits: 7
Description:
We can argue that the question is not whether cloud computing will become ubiquitous—because the economic forces are inescapable—but rather what we can do to assess enterprise governance, risk assessment, and the development of strong internal controls in the implementation and management of ever-increasing cloud computing environments.
This new training program will begin by first establishing the definition of cloud computing, then describing the various service delivery models of a cloud computing architecture, and the ways in which clouds can be deployed as public, private, hybrid, and community clouds, followed by a much deeper review of the security and privacy issues related to cloud computing environments.
We will examine cloud computing models, look into the threat model and security issues related to data and computation outsourcing, and explore practical applications of secure cloud computing. Using the confidentiality, integrity, and availability (CIA) model of data, we will examine the threats and security implications that befall a poorly established and maintained cloud computing environment. Audit approaches and methodologies for assessing internal control exposures within cloud computing environments will also be fully discussed and examined.
Audience:
This presentation is intended for internal and external auditors (IT, financial, operational), Chief Technology Officers, General Counsels, Chief Information Officers, Chief Security Officers, Controllers, and persons charged with establishing or reviewing the implications of establishing strategies that embrace cloud computing and coordinate the role of organizational IT in substantiating organizational compliance with today’s (and tomorrow’s) governance regulations, as well as professionals who generally want to learn more about cloud computing and assessing their organization’s implementation of cloud computing technologies.
Prerequisites:
There is no prerequisite for this seminar.
Objectives:
After completing this seminar, participants will be able to:
1. Discuss, with confidence, what cloud computing is and what the key security and control considerations are within cloud computing environments.
2. Identify various cloud services.
3. Assess cloud characteristics and service attributes for compliance with enterprise objectives.
4. Explain the four primary cloud category “types”.
5. Evaluate various cloud delivery models.
6. Contrast the risks and benefits of implementing cloud computing.
7. Specify security threat exposure within a cloud computing infrastructure.
8. Recognize steps and processes used to perform an audit assessment of a cloud computing environment.
9. Summarize specific environments that would benefit from implementing cloud computing, contrasted against those environments that might not benefit.
10. Weigh the impact of improperly controlled cloud computing environments on organizational sustainability.
Course Outline:
I. Cloud Computing Definition
II. What are Cloud Services
III. Cloud Service Attributes
• Access to the Cloud
• Cloud Hosting
• Information Technology Support
• Provisioning
• Pricing
• Underestimated costs
• User Interface
• System Interface
• Shared Resources/Common Versions
IV. Characteristics of Cloud Computing
• Rapid elasticity
• Pay per use
• Independent resource pooling
• Network access
• On-demand self-service
V. Cloud Categories
• Public Cloud
• Private Cloud
• Hybrid Cloud
• Community Cloud
VI. Cloud Delivery Models
• SaaS
• PaaS
• IaaS
VII. Current Cloud Services
VIII. Cloud Costs
• Bandwidth
• Monitoring
• Legacy System Integration
• Capacity Planning
IX. Corporate Growth within the Cloud
X. Benefits of Cloud Computing
• Economical
• Energy
• Footprint
• Flexible
· Accessibility
· Scalability
• Fast Implementation
• Ease of Implementation (non-legacy Systems)
• Dependable Service
· Quality of Service
· Collaborative Nature
· Updated Software (provided by the host)
• Effectiveness
XI. Risks of Cloud Computing
XII. Security Challenges
• Threats
XIII. Cloud Based IT Audit Process
• Definition
• Cloud Based IT Governance
• Contractual compliance between the service provider and customer
• System and Infrastructure Lifecycle Management for the Cloud
• Protection and Privacy of Information Assets in the Cloud
• Business Continuity and Disaster Recovery
• Control issues specific to cloud computing
• Global Regulatory Impact of Cloud Computing
• Cloud Morphing: The future of cloud computing security and audit.
XIV. Cloud Scenarios and Considerations – Control, Risk Implications
• Would you want the computer that controls safety local or in the cloud?
• Someone you know is in a hospital. Do you want their respirator and medical dosage managed in the cloud or locally?
• Weapons control system? Cloud or managed locally?
• Corporate web server?
• Satellite navigation system?
• DNS, Firewall rules, Active Directory?
• ERP?
• Workforce management?
XV. Examples