Cloud computing and the internal audit function
June 2011
At a glance
A cloud strategy vetted and supported by internal audit will help companies take advantage of the compelling cost benefits while managing new risks
Companies are adopting cloud computing. The economics are too compelling to ignore: standardized IT processes at reduced costs can free up IT resources to focus on differentiating the business. Yet risk is elevated because a broad cloud implementation requires changes in processes, people, and systems.
CAEs have a significant role to play
Chief audit executives should proactively engage the C-suite and business leaders to understand what data and applications may be moved to the cloud. They then should investigate specific risks and controls for near-term cloud adoption. As critical IT functions move to the cloud, new risks will arise. Internal audit (IA) should re-evaluate its annual risk assessment, audit scope, and resources to support its company’s cloud strategy.
- Phil Garland
- US CIO Advisory Leader
- Tel: +1 (703) 918 4523
- Mike Pearl
- US Cloud Computing Leader
- Tel: +1 (408) 817 3801
- Rob Gittings
- Leader, US Technology Sector
- Tel: +1 (408) 817 3730