This course introduces the seemingly new and specific risks of the various types of cloud computing. Through reviewing recent cloud computing failures and breaches, together with a detailed discussion of traditional contract compliance issues and associated risk mitigation strategies, participants will come away with an ability to assess and prioritize risks associated with their organization's planned or existing implementation(s) of cloud computing.
This course also emphasizes established tools and techniques to assess and prioritize these risks. Course exercises will provide attendees the opportunity to prepare an audit program specific to cloud computing for their organizations. Best practices for reporting, including use of visual models to communicate the location of data and responsibility for controls, will be featured.