From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Cloud audits and investigations
From the course: CompTIA Security+ (SY0-601) Cert Prep: 9 Operations and Incident Response
Cloud audits and investigations
- [Instructor] When conducting audits or assessments of organizations that leverage the cloud, audit professionals run into some unique challenges. The use of virtualization and cloud computing raises unique assurance issues. The very fact that an organization is using service providers for the storage, processing and/or transmission of some of their data expands the scope of an audit. If the organization is depending upon the security controls of their provider in some way, which is always the case in cloud computing, then that providers controls may be within the scope of the audit. Now, this might lead you to think that auditors would need to travel to the cloud provider site and verify the controls there, just as they would have the organization's own data centers. After all, they do need some assurance that the controls are functioning properly, but just imagine what that would mean. How would you visit the data…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.