Audit and Security for Cloud-Based Services

ACI Learning
Course summary
Professional Training
2 days
Course Dates
Enquire for dates and prices

Audit and Security for Cloud-Based Services

Audit and Security for Cloud-Based Services

This course covers the common architecture of cloud computing and examines the security and controls of SaaS, PaaS, and IaaS. It also covers the deficiencies that exist in cloud-based services and how Security-as-a-Service can be helpful.

Suitability - Who should attend?

Operational, Business Application, Information Technology, and External Auditors; Audit Managers and Directors; Information Security professionals

Prerequisites: A working knowledge of operating system security, networking concepts and associated logical access controls; Network Security Essentials (ASG203), Intermediate Audit School (ITG241) or equivalent experience

Outcome / Qualification etc.

NASBA Certified CPE: 16 Credits Auditing

IT Audit Certificate, Information Security Certificate

What You'll learn

You will learn about the current state of cloud computing, its common architecture, and the major services provided in the market. Also, how to use SaaS as a way to protect against security and control deficiencies.

Training Course Content

Understanding Corporate Culture:

  • the SPI Cloud Computing Model
  • cloud network models
  • key drivers for moving towards cloud-based services

Software as a Service (SaaS):

  • key enterprise applications
  • the SaaS transaction model(s)
  • SaaS security and audit concerns

Platform as a Service (PaaS):

  • major development providers/platforms
  • PaaS security and audit concerns

Infrastructure as a Service (IaaS):

  • host security in the cloud
  • network security in the cloud
  • data storage/SAN in a cloud IaaS environment
  • cloud bursting
  • cloud bursting
  • IaaS security and audit concerns

Brokered Cloud Services:

  • cloud aggregators
  • cloud brokers
  • cloud management service portals

Security as a Service:

  • identity management as a service
  • security event monitoring/IDS as a service
  • vulnerability management as a service
  • data leakage prevention as a service/Web filtering, e-mail filtering

Cloud-Based Security Standards and Dependencies:

  • directories and identity management
  • federated identities
  • emerging security Standards: SPML, XACML, OAuth, OpenID, others

Governance in a Cloud Services Environment:

  • key performance indicators
  • audit trails for cloud-based services
  • service level agreements, licensing
  • legal complexities: data privacy, globalization, trans-border constraints
  • third-party assessments and certifications: SAS70, ISO 27001

Disaster Recovery in a Cloud-Based Environment:

  • SPI HA architectures
  • virtualized environments and their impact on disaster recovery
  • updating and testing disaster recovery plans

Cloud Security and Audit:

  • key risks and audit concerns
  • identifying key controls and mitigations
  • cloud-based risk analysis models: ENISA, NIST, CSA
  • security best-practices models for cloud-based services
  • audit techniques and tests in a cloud-based environment

Provider: ACI Learning

ACI Learning

At ACI Learning, we train leaders in Cybersecurity, Audit, and Information Technology. Whether you're starting your IT career, mastering your profession, or developing your team, we're with you every step of the way. We believe that training is not a...

Read more and show all courses with this provider

Customer Outreach Award


We believe that it should be easy for you to find and compare training courses. 

Our Customer Outreach Award is presented to trusted providers who are excellent at responding to enquiries, making your search quicker, more efficient and easier, too.

Contact information for ACI Learning

ACI Learning

MIS Training Institute
30 Crown Place
EC2A 4EB London

 Show phone number

Find a course for you!

  Read the course
 summary on this page

 Fill in your details and Request information

 Receive all the info you need

Find more courses here