Next ISACA Ireland event will be taking place in Deloitte's office, Earlsfort Terrace. Topics and speakers:
Auditing the Cloud - Ross Spelman (Senior Manager Cyber Risk Services)
Cloud computing provides a hugely beneficial form of IT system, applications and infrastructure outsourcing. From both technical and economic perspectives, Cloud Computing provides numerous advantages driving development and widespread adoption. IT auditors must have an understanding of not only the fundamentals but a detailed knowledge of specific cloud services and auditing methods to effectively assess, evaluate and gain assurance of regulatory compliance and service level performance. The auditing work itself is quite different and more complicated than regular IT auditing. As a result, the audit of a cloud service or services requires external vendor or partner support to execute effectively. Customers of cloud services should be able to demonstrate a repeatable evaluation over the IT control and provider environment.
The auditing team's primary goal could be described as; an independent and autonomous experiment of an organisation’s management assertions declared by an external sanctioning body that must follow a set of guidelines and standards. – It is these guidelines and standards that change when applied to a cloud environment, and Auditors must be cognisant of the pitfalls.
Practical Session on IT Risk and System Controls - Paul Hare (Vice President ISACA Ireland, Senior Manager - Technology Assurance), Henyr Pascua (Manager - SAP IT Controls Assurance) and Cleofe Barbon-Velmonte (Manager - Database IT Controls Assurance).
This session will look at identifying key financial IT risks in the IT production environment, what key IT contols address or mitigate these risks, and tips on how to evaluate and test the effectiveness of IT controls.
Refreshments will be provided.