All Things Internal Audit

Auditing the Cloud: Risks, Frameworks, and Real Value

Listen Later

The Institute of Internal Auditors Presents: All Things Internal Audit Tech Sponsored by Grant Thornton Cloud security has become a top board-level concern and a permanent fixture on audit plans. In this companion episode to the Global Best Practices' A Roadmap to Auditing Cloud Security, Adam Ross talks with Vik Rai and Aadesh Gandhre about the challenges of auditing in multi-cloud environments, regulatory requirements, and the importance of governance and shared responsibility. They explore skill gaps, third-party risk, frameworks, and practical approaches to building a phased cloud security audit program, helping internal auditors strengthen resilience and provide real value.

HOST: Adam Ross, CIA, CISA Partner, Grant Thornton Advisors, LLC

GUEST:Vik Rai, CISSP, CISA Managing Director, Grant Thornton Advisors, LLC

Aadesh Gandhre, CISA, CAMS (Sanctions), ITIL 4, Certified Cryptocurrency Auditor, Certified in Cybersecurity Chief Audit Executive, DTCC

KEY POINTS:

  • Introduction [00:00–00:00:47]

  • Why Cloud Security Matters Now [00:00:51–00:03:10]

  • Board-Level Visibility and Audit's Role [00:03:12–00:05:51]

  • Regulatory Expectations and Frameworks [00:05:54–00:10:28]

  • Skills and Governance at the Board Level [00:11:14–00:13:49]

  • Shared Responsibility and Security Models [00:14:05–00:17:51]

  • Resiliency, Outages, and Accountability [00:17:13–00:18:57]

  • Starting a Cloud Security Audit [00:19:08–00:21:46]

  • Upskilling Auditors for Cloud Environments [00:22:14–00:23:05]

  • Cloud Security Posture Management (CSPM) [00:23:15–00:27:54]

  • Phased and Risk-Based Audit Planning [00:29:07–00:35:42]

  • Final Thoughts [00:37:02–00:40:43]

  • Closing [00:41:28–00:41:46]

IIA RELATED CONTENT: Interested in this topic? Visit the links below for more resources:

  • Global Best Practices: A Roadmap To Auditing Cloud Security
  • Webinar: Hybrid Cloud Security: A Primer for Internal Auditors
  • Tech: Control in the Cloud
  • 2025 Financial Services Exchange Conference

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

...more
View all episodesView all episodes
Download on the App Store
All Things Internal AuditBy The Institute of Internal Auditors
  • 4.5
  • 4.5
  • 4.5
  • 4.5
  • 4.5

4.5

13 ratings

More shows like All Things Internal Audit

View all
Freakonomics Radio by Freakonomics Radio + Stitcher

Freakonomics Radio

32,254 Listeners

Planet Money by NPR

Planet Money

30,732 Listeners

TED Talks Daily by TED

TED Talks Daily

11,161 Listeners

WSJ What’s News by The Wall Street Journal

WSJ What’s News

4,393 Listeners

6 Minute English by BBC Radio

6 Minute English

1,862 Listeners

HBR IdeaCast by Harvard Business Review

HBR IdeaCast

181 Listeners

TED Business by TED

TED Business

1,099 Listeners

The Daily by The New York Times

The Daily

113,049 Listeners

Up First from NPR by NPR

Up First from NPR

56,906 Listeners

Think Fast Talk Smart: Communication Techniques by Matt Abrahams, Think Fast Talk Smart

Think Fast Talk Smart: Communication Techniques

839 Listeners

The Audit Podcast by Trent Russell

The Audit Podcast

119 Listeners

AUDIT 15 FUN by Jon Taber

AUDIT 15 FUN

16 Listeners

HBR On Leadership by Harvard Business Review

HBR On Leadership

174 Listeners

WSJ's Take On the Week by The Wall Street Journal

WSJ's Take On the Week

146 Listeners

Speaking of Risk and Audit by AuditBoard

Speaking of Risk and Audit

0 Listeners