Auditing the Cloud: Risks, Frameworks, and Real Value скачать в хорошем качестве

Auditing the Cloud: Risks, Frameworks, and Real Value

The Institute of Internal Auditors Presents: All Things Internal Audit Tech Sponsored by Grant Thornton (https://www.grantthornton.com/) Cloud security has become a top board-level concern and a permanent fixture on audit plans. In this companion episode to the Global Best Practices’ A Roadmap to Auditing Cloud Security, Adam Ross talks with Vik Rai and Aadesh Gandhre about the challenges of auditing in multi-cloud environments, regulatory requirements, and the importance of governance and shared responsibility. They explore skill gaps, third-party risk, frameworks, and practical approaches to building a phased cloud security audit program, helping internal auditors strengthen resilience and provide real value. HOST: Adam Ross (  / adam-ross-29488a4  ) , CIA, CISA Partner, Grant Thornton Advisors, LLC GUEST: Vik Rai (  / vikrantr1  ) , CISSP, CISA Managing Director, Grant Thornton Advisors, LLC Aadesh Gandhre (  / aadesh-gandhre  ) , CISA, CAMS (Sanctions), ITIL 4, Certified Cryptocurrency Auditor, Certified in Cybersecurity Chief Audit Executive, DTCC KEY POINTS: • Introduction [00:00–00:00:47] • Why Cloud Security Matters Now [00:00:51–00:03:10] • Board-Level Visibility and Audit’s Role [00:03:12–00:05:51] • Regulatory Expectations and Frameworks [00:05:54–00:10:28] • Skills and Governance at the Board Level [00:11:14–00:13:49] • Shared Responsibility and Security Models [00:14:05–00:17:51] • Resiliency, Outages, and Accountability [00:17:13–00:18:57] • Starting a Cloud Security Audit [00:19:08–00:21:46] • Upskilling Auditors for Cloud Environments [00:22:14–00:23:05] • Cloud Security Posture Management (CSPM) [00:23:15–00:27:54] • Phased and Risk-Based Audit Planning [00:29:07–00:35:42] • Final Thoughts [00:37:02–00:40:43] • Closing [00:41:28–00:41:46] IIA RELATED CONTENT: Interested in this topic? Visit the links below for more resources: • Global Best Practices: A Roadmap To Auditing Cloud Security (https://www.theiia.org/en/content/art...) • Webinar: Hybrid Cloud Security: A Primer for Internal Auditors (https://www.theiia.org/en/content/vid...) • Tech: Control in the Cloud (https://internalauditor.theiia.org/en...) • 2025 Financial Services Exchange Conference (https://www.theiia.org/en/events/conf...) Visit The IIA's website (https://www.theiia.org/en/) or YouTube (   / %40iiaglobalhq  ) channel for related topics and more. Follow All Things Internal Audit: -Apple Podcasts (https://podcasts.apple.com/us/podcast...) -Spotify (https://open.spotify.com/show/1NB6ExN...) -Libsyn (https://1984d534-f92f-4772-a722-6ac47...) -Deezer (https://www.deezer.com/us/show/5250577)