Pooled audits are helpful for both the Cloud Service Provider (CSP) and the Cloud Service User as they reduce the costs to any one outsourcing institution and help avoid duplication with third-party audits by establishing a scope and methodology agreed upon by the outsourcing institutions and the cloud service provider.
Pooled audits ensure that a consistent method is used to assess the provider’s data and system protection practices as well as the processes and internal control systems of the CSP to adequately support the mitigation of the participants’ risks.
By agreeing on a scope and methodology for audits, as well as a compensation structure that reflects the collective audit effort, participating companies can pool their auditing resources to help reduce costs and avoid unnecessary duplication on an individual level as well.
Join us as we have a fireside chat with our panel of experts from members of Commerzbank AG who take part in the Collaborative Cloud Audit Group (CCAG) conducting pooled audits on Cloud Service Providers. The CCAG provides an umbrella over the common cloud relevant topics in need of auditing based on the CSA Cloud Control Matrix.
Topics to be covered:
· Usage of the shared responsibility model in context of pooled audits
· Regulatory framework on pooled audits
· Benefits of pooled audits