Preface
As a keynote and session speaker at over 30 conferences to date, I am often asked for references regarding the topics I present. Experience has taught me that it is always best to have the references ready when asked. In 2009, I presented a session on cloud computing at the MIS Training Institute's 29th Annual IT Audit & Controls conference. The room included an audience of very attentive and eager attendees. During my presentation, I discussed the history of cloud computing, the different types of clouds, the rationale as to why organizations are so eager to move to the cloud, challenges of cloud computing, and considerations for leveraging cloud services. When addressing the section on the challenges of cloud computing, I reviewed properties of the cloud along with risks, security, and interoperability aspects. While discussing these topics, I talked about aspects that IT auditors need to consider when conducting an audit of cloud providers.
Throughout the session, there was great interaction among the attendees. During the question and answer segment, at the end, one attendee asked if I could recommend a book or other reference that IT auditors could leverage to increase their knowledge base related to cloud computing topics. At the time there were no such resources, so I responded that I was unaware of such materials targeted specifically at the IT audit community: hence, the origin of the idea for this book.
What you will find in the forthcoming chapters of this text ...
