Pooled audits – A cost-effective way of auditing Third-Party Risk

Presented by

John DiMaria, Imre Bako, Thomas Pfeiffer

About this talk

Pooled audits are helpful for both the Cloud Service Provider (CSP) and the Cloud Service User as they reduce the costs to any one outsourcing institution and help avoid duplication with third-party audits by establishing a scope and methodology agreed upon by the outsourcing institutions and the cloud service provider. Pooled audits ensure that a consistent method is used to assess the provider’s data and system protection practices as well as the processes and internal control systems of the CSP to adequately support the mitigation of the participants’ risks. By agreeing on a scope and methodology for audits, as well as a compensation structure that reflects the collective audit effort, participating companies can pool their auditing resources to help reduce costs and avoid unnecessary duplication on an individual level as well. Join us as we have a fireside chat with our panel of experts from members of Commerzbank AG who take part in the Collaborative Cloud Audit Group (CCAG) conducting pooled audits on Cloud Service Providers. The CCAG provides an umbrella over the common cloud relevant topics in need of auditing based on the CSA Cloud Control Matrix. Topics to be covered: · Usage of the shared responsibility model in context of pooled audits · Regulatory framework on pooled audits · Benefits of pooled audits

Related topics:

More from this channel

Upcoming talks (2)
On-demand talks (892)
Subscribers (60236)
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa