Title: Cloud Assurance Unpacked: Lessons Learned and Real-Life Examples
Date/Time: Tuesday 16 Jul 2024 6.30-8 pm UK time
Format: Hybrid - in-person plus live webinar. Up to 2 CPE for attendance - Host 60 seated and 20 standing
In-person attendance is limited to 70 pre-registered ISACA London Chapter members only.
Plus networking at GT London with light food and drink till 9pm.
Registration link: https://www.eventbrite.co.uk/e/cloud-assurance-unpacked-lessons-learned-and-real-life-examples-16-july-tickets-938533437777
Location: The Lounge, Ground Floor, 30 Finsbury Square, London EC2A 1AG
Synopsis: Presentation deck - TBD
Presentation 1 – Cloud assurance hot topics in Financial Services by Ian Greaves, Associate Director
Ian will present the key themes he has recently encountered around cloud assurance in the financial services sector, what challenges companies are facing, and good practices which were adopted to overcome these challenges. Some of the challenges included in the presentation will be around inconsistent approaches to cloud assurance, concentration risks, and continuous monitoring.
Presentation 2 - Adapting the controls and assurance approach for cloud by Cristiana Mirosanu, Senior Manager
Among large corporate entities outside the financial services sector, we have also seen inconsistent approaches to cloud assurance. Cristiana will share case studies of how organisations are adapting their controls frameworks and assurance approach for cloud.
Presentation 3 - Gaining assurance from SOC reports by Adebimpe Toby, Senior Manager
Organisations use documentation reviews and tooling to help with maintaining compliant internal controls, however when using cloud services there are often concerns about the lack of visibility and opaqueness of the cloud service provider’s controls environment. Bimpe will provide an overview of what information can be gained from SOC reports, and how organisations use this information to review whether vendors meet internal control requirements.
Speaker bio:
Ian Greaves leads our enabling technology transformation practice and co-convenes a globally-influential cloud computing community. He brings 30 years of experience built up from engineering, solution architecture, delivery, and integration, quality assurance, internal audit, and advisory: 16 years in financial services, eight years in consultancy, and seven years with global IT vendors. He’s participated in 10 large (£100 million to £1 billion in value) financial services transformations and has led hundreds of smaller initiatives, working alongside experienced leaders in successful global mergers, transitions, and transformations. His specialism is in architecture and planning technology transformation: helping organisations to take their ideas, products, and services from early adoption through to a recognised and referenceable offering, product, or service.
Cristiana Mirosanu is a Senior Manager in our business risk services team, focusing on technology risk and assurance. She leads the ERP and cloud risk and assurance service offering for large corporate clients. She oversees the delivery of technology assurance engagements and also advises clients around annual internal audit planning, technology risk assessments, and programme assurance. She’s been involved in second and third line of defence projects, focused mainly on ERP and cloud implementations, segregation of duties, DevSecOps, and technical reviews of security, resilience, data protection, and third-party management. Her client portfolio includes large listed organisations in the FTSE100 and FTSE250, and private limited companies of similar sizes. She’s worked extensively with clients in the retail, automotive, technology, manufacturing, and not-for-profit sectors.
Adebimpe Toby is a Senior Manager in the Business Risk Services team with experience in managing and delivering internal audit plans to large and complex organisations in the corporate sector. Bimpe has significant experience in SOX IT engagements. She has performed audits including cyber security, SOX reviews, IT general controls, business continuity management and disaster recovery, third-party risk management and SOC reviews across a range of sectors and industries, including retail, manufacturing, business support services, and technology.