Auditing the Cloud

Cloud computing provides organizations with access to human and technical resources that might otherwise be cost prohibited. Each organization should establish a business case, articulating both the benefits and inherent risks of moving a portion of its operations to the cloud.  
Globally, there has been a significant increase in the activity of hackers who breach managed service providers (MSPs) in order to execute ransomware attacks, point-of-sale intrusions, and business email compromise (BEC) scams. The alert explained how the attackers use MSP solutions to gain access into the internal networks of customers.

This course provides participants with a deeper understanding of cloud-related designs, risks, and controls, while examining the connection between cybersecurity and cloud environments. Further, this course provides additional insight into cloud-related standards and guidelines, and explains how to audit cloud environments.

Keep scrolling to register!

Early bird discount offer available to members up to 6 weeks prior to course start date. Pricing will be reflected upon checkout.

Special Group Rate for 10+ Available
A special group rate is available for purchases of ten or more. To make a Group purchase or for more information on Group discounts, please get in touch with Group Services.


Pricing is per person and is in U.S. dollars.
Discounted rates applied during checkout.

SKU: 1010.SEM.SE00.00014.00.01
Your price: $459.00

Who will benefit from this course?

This course will deepen participant’s understanding of cloud-related designs, risks, and controls, while examining the connection between cybersecurity and cloud environments, and explaining how to audit cloud environments. This course is designed for internal auditors with a basic understanding of information technology and cybersecurity concepts, and for those who have been involved in internal audit engagements that require an understanding of how to manage the impact of cloud computing on organizational risks. This course assists IT personnel gain an understanding of how to prepare when their organization is subject to a cloud audit.

Course Objectives

  • Define cloud computing from an internal audit perspective.
  • Explore the cloud-cybersecurity connection and the importance of classifying and assessing the cloud environment.
  • Examine internal audit considerations regarding contract provisions and first- and third-party insurance.
  • Describe cloud standards and guidelines, and how they affect an organization.
  • Explain how to assess an organization’s liabilities when utilizing cloud solutions.

Course Topics

Understanding the Cloud Environment

  • The cloud, and what it is.
  • The cloud, and how it works.
  • Common cloud standards and guidelines.
  • Cloud models and deployments.
  • Cloud provider selection criteria.
  • Connectivity between the cloud provider and the client site. 

Examining Cloud-Based Risks and Controls

  • Cloud governance and strategy.
  • Cloud-based asset and configuration management.
  • Risks related to cloud providers and conducting cloud-based risk assessments.
  • Cybersecurity threats associated with cloud utilization.
  • Key cloud contract considerations. .
  • Annual assessment/service organization control (SOC) reports.

Assessing the Cloud Environment

  • Assessing cloud tools.
  • Assessing the cloud provider contract.
  • Assessing cloud controls at the cloud vendor and client sites.