All Things Internal Audit

Auditing the Cloud: Risks, Frameworks, and Real Value

Listen Later

The Institute of Internal Auditors Presents: All Things Internal Audit Tech Sponsored by Grant Thornton Cloud security has become a top board-level concern and a permanent fixture on audit plans. In this companion episode to the Global Best Practices' A Roadmap to Auditing Cloud Security, Adam Ross talks with Vik Rai and Aadesh Gandhre about the challenges of auditing in multi-cloud environments, regulatory requirements, and the importance of governance and shared responsibility. They explore skill gaps, third-party risk, frameworks, and practical approaches to building a phased cloud security audit program, helping internal auditors strengthen resilience and provide real value.

HOST: Adam Ross, CIA, CISA Partner, Grant Thornton Advisors, LLC

GUEST:Vik Rai, CISSP, CISA Managing Director, Grant Thornton Advisors, LLC

Aadesh Gandhre, CISA, CAMS (Sanctions), ITIL 4, Certified Cryptocurrency Auditor, Certified in Cybersecurity Chief Audit Executive, DTCC

KEY POINTS:

  • Introduction [00:00–00:00:47]

  • Why Cloud Security Matters Now [00:00:51–00:03:10]

  • Board-Level Visibility and Audit's Role [00:03:12–00:05:51]

  • Regulatory Expectations and Frameworks [00:05:54–00:10:28]

  • Skills and Governance at the Board Level [00:11:14–00:13:49]

  • Shared Responsibility and Security Models [00:14:05–00:17:51]

  • Resiliency, Outages, and Accountability [00:17:13–00:18:57]

  • Starting a Cloud Security Audit [00:19:08–00:21:46]

  • Upskilling Auditors for Cloud Environments [00:22:14–00:23:05]

  • Cloud Security Posture Management (CSPM) [00:23:15–00:27:54]

  • Phased and Risk-Based Audit Planning [00:29:07–00:35:42]

  • Final Thoughts [00:37:02–00:40:43]

  • Closing [00:41:28–00:41:46]

IIA RELATED CONTENT: Interested in this topic? Visit the links below for more resources:

  • Global Best Practices: A Roadmap To Auditing Cloud Security
  • Webinar: Hybrid Cloud Security: A Primer for Internal Auditors
  • Tech: Control in the Cloud
  • 2025 Financial Services Exchange Conference

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

...more
View all episodesView all episodes
Download on the App Store
All Things Internal AuditBy The Institute of Internal Auditors
  • 4.5
  • 4.5
  • 4.5
  • 4.5
  • 4.5

4.5

13 ratings

More shows like All Things Internal Audit

View all
Economist Podcasts by The Economist

Economist Podcasts

4,185 Listeners

The McKinsey Podcast by McKinsey & Company

The McKinsey Podcast

388 Listeners

PwC's accounting podcast by PwC

PwC's accounting podcast

180 Listeners

Coaching for Leaders by Dave Stachowiak

Coaching for Leaders

1,462 Listeners

WSJ Tech News Briefing by The Wall Street Journal

WSJ Tech News Briefing

1,638 Listeners

HBR IdeaCast by Harvard Business Review

HBR IdeaCast

1,836 Listeners

Tech Brew Ride Home by Morning Brew

Tech Brew Ride Home

963 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

174 Listeners

Inside the Strategy Room by McKinsey & Company

Inside the Strategy Room

169 Listeners

Think Fast Talk Smart: Communication Techniques by Matt Abrahams, Think Fast Talk Smart

Think Fast Talk Smart: Communication Techniques

813 Listeners

The Audit Podcast by Trent Russell

The Audit Podcast

118 Listeners

AUDIT 15 FUN by Jon Taber

AUDIT 15 FUN

16 Listeners

The So What from BCG by Boston Consulting Group BCG

The So What from BCG

221 Listeners

The AI Daily Brief: Artificial Intelligence News and Analysis by Nathaniel Whittemore

The AI Daily Brief: Artificial Intelligence News and Analysis

586 Listeners

HBR On Leadership by Harvard Business Review

HBR On Leadership

159 Listeners