Cloud Computing - An overview about Cloud Computing Security

When:  Apr 18, 2019 from 8:30 AM to 12:00 PM (ET)

Session Description:

Cloud computing is the on demand delivery of computing services - servers, storage, databases, networking, software, analytics, intelligence and more—over the Internet (“the cloud”).

As cloud computing concepts and practices continue to grow, it is important for organizations to understand how to best use cloud computing as a business enabler, and how to handle the changes that cloud computing will introduce to the business. With this understanding it will enable the business to maximize the benefits that cloud services offer and at the same time tackle the cloud’s unique challenges and threats.

This session is to provide IT auditors, IT risk and compliance professionals, as well as Internal and external auditors with a better understanding of cloud computing concepts, architectures, a cloud computing Risk Management framework, as well as cloud computing compliance and Audit Management.


  1. Cloud Computing Concepts and Architectures

    1. Cloud Computing definitions.

    2. Definitional Model (Essential Characteristics, Service Models, Deployment Models)

    3. Architecture Models (Infrastructure as a Service, Platform as a Service, Software as Service)

    4. Logical Model

    5. Cloud Security Scope, Responsibilities, and Models

  2. Governance and Enterprise Risk Management

    1. Cloud Computing Governance (Tools of Cloud Governance)

    2. The impact of Service Model and Deployment Model on Cloud Governance

    3. Cloud Risk Management Tools

    4. Security and Cloud Computing

  3. Compliance and Audit Management

    1. How Cloud Changes Compliance

    2. How Cloud Changes Audit Management



Fadi Abd Ulhamid , Sr. IT Sec Governance Consultant, PHD, PMP, CISA, CRISC, ISO 27001LA; with more than 20 years of experience in information risk and security management, IT service management, and software development. He did his PhD in management information systems and his dissertation focused on the role of knowledge management in organizational development.

In his current role, Fadi is responsible for managing SOX GCC program for Enterprise Services (ES) and ensuring that ES complies with information security standards. Additionally, Fadi works with cross-functional, multi-location teams (Asia, US, Canada, UK) , which include operators of IT Controls, internal and external auditors, financial stakeholders, and ES management, to support the implementation, roll-out, review, revision, testing, deficiency analysis, remediation, and reporting of the "design effectiveness" and "operating effectiveness" of the company's General Computer Controls.

Previously, Fadi worked in IT Advisory Industry as Director (IT and Cyber Security Consultancy Services). Where he led the implementation and maintenance of Information Security Management System (ISMS) in support of ISO27001 and other IT Governance frameworks (ISACA, CoBIT, SOX, COSO, ISO 31000, and NIST guidelines …etc.). Also, Fadi managed high profile Risk-based IT Audit (GCC & Application Controls) as well as vulnerability assessment and penetration testing engagements in various verticals (Banking, Insurance, telecommunication, Manufacturing and Government) in different countries.


Please Note:  There is a cancellation policy in effect


Radisson Hotel Kitchener Waterloo
2960 King Street East
Kitchener, ON