CLOUD CONTROL

In an interview, Carrie Furr, director, Technology Risk Consulting at RSM US LLP and Eric Lovell, practice director, IT Internal Audit Solutions at PwC, talked about cloud control. Lovell said that having a complete inventory is the first step in managing the cloud control environment. Armed with th...

Full description

Saved in:
Bibliographic Details
Published inThe Internal Auditor Vol. 77; no. 2; p. 64
Main Authors Furr, Carrie, Lovell, Eric
Format Trade Publication Article
LanguageEnglish
Published Altamonte Springs Institute of Internal Auditors, Incorporated 01.04.2020
Subjects
Cloud computing
Furr, Carrie
Internal auditing control
Lovell, Eric
Online AccessGet more information

Cover

More Information
Summary:In an interview, Carrie Furr, director, Technology Risk Consulting at RSM US LLP and Eric Lovell, practice director, IT Internal Audit Solutions at PwC, talked about cloud control. Lovell said that having a complete inventory is the first step in managing the cloud control environment. Armed with this information, organizations can better understand the risks associated with their cloud services; drive clarity regarding roles and responsibilities between vendor and customer; and validate that controls are in place for security, reliability, agility, and compliance of their clouds. Furr added that at her company, they frequently work in partnership with internal audit resources and other key stakeholders to "teach them to fish". This model allows experienced advisors to train their staffs during initial assessments/audits, so they can conduct future cloud computing assessments and audits.
ISSN:0020-5745