IT Risk: Your Audit Checklist

Your auditors worry about the cloud. So should you. As your organization begins its cloud flight, has it fastened its auditing seatbelts? Here’s a seven-step check-list to ensure a safe landing. Buckle up.

The broad and rapid adoption of cloud computing by all sorts of businesses and organizations is quickly reshaping the way many key internal functions are expected to operate in — and adapt to the new paradigm. That includes procurement, IT, risk management, governance, compliance, and audit, to name but a few.  Departments that resist or drag their heels risk losing whatever autonomy they may possess. They may even risk becoming irrelevant.

Public cloud adoption is all about trust. First, you trust that whoever is committing your organization to the public cloud is fully informed of the costs, risks, proper governance, and the cloud’s potential pitfalls. Second, you trust your cloud service provider (as well as all its providers) to deliver against its promises, which you hope are enshrined in a well-constructed and balanced contract.  If there are any fractures in the approach to risk, audit, and governance in the selection and implementation of your enterprise cloud systems, you, as CFO, need to be aware of them and take appropriate action. As any aircraft engineer will tell you, small cracks propagate swiftly and explosively when subjected to pressure. Experienced engineers know where to look. Do you?

Read the full article here