All Things Internal Audit

Auditing the Cloud: Risks, Frameworks, and Real Value

Listen Later

The Institute of Internal Auditors Presents: All Things Internal Audit Tech Sponsored by Grant Thornton Cloud security has become a top board-level concern and a permanent fixture on audit plans. In this companion episode to the Global Best Practices' A Roadmap to Auditing Cloud Security, Adam Ross talks with Vik Rai and Aadesh Gandhre about the challenges of auditing in multi-cloud environments, regulatory requirements, and the importance of governance and shared responsibility. They explore skill gaps, third-party risk, frameworks, and practical approaches to building a phased cloud security audit program, helping internal auditors strengthen resilience and provide real value.

HOST: Adam Ross, CIA, CISA Partner, Grant Thornton Advisors, LLC

GUEST:Vik Rai, CISSP, CISA Managing Director, Grant Thornton Advisors, LLC

Aadesh Gandhre, CISA, CAMS (Sanctions), ITIL 4, Certified Cryptocurrency Auditor, Certified in Cybersecurity Chief Audit Executive, DTCC

KEY POINTS:

  • Introduction [00:00–00:00:47]

  • Why Cloud Security Matters Now [00:00:51–00:03:10]

  • Board-Level Visibility and Audit's Role [00:03:12–00:05:51]

  • Regulatory Expectations and Frameworks [00:05:54–00:10:28]

  • Skills and Governance at the Board Level [00:11:14–00:13:49]

  • Shared Responsibility and Security Models [00:14:05–00:17:51]

  • Resiliency, Outages, and Accountability [00:17:13–00:18:57]

  • Starting a Cloud Security Audit [00:19:08–00:21:46]

  • Upskilling Auditors for Cloud Environments [00:22:14–00:23:05]

  • Cloud Security Posture Management (CSPM) [00:23:15–00:27:54]

  • Phased and Risk-Based Audit Planning [00:29:07–00:35:42]

  • Final Thoughts [00:37:02–00:40:43]

  • Closing [00:41:28–00:41:46]

IIA RELATED CONTENT: Interested in this topic? Visit the links below for more resources:

  • Global Best Practices: A Roadmap To Auditing Cloud Security
  • Webinar: Hybrid Cloud Security: A Primer for Internal Auditors
  • Tech: Control in the Cloud
  • 2025 Financial Services Exchange Conference

Visit The IIA's website or YouTube channel for related topics and more.

Follow All Things Internal Audit: Apple PodcastsSpotify LibsynDeezer

...more
View all episodesView all episodes
Download on the App Store
All Things Internal AuditBy The Institute of Internal Auditors
  • 4.5
  • 4.5
  • 4.5
  • 4.5
  • 4.5

4.5

13 ratings

More shows like All Things Internal Audit

View all
Freakonomics Radio by Freakonomics Radio + Stitcher

Freakonomics Radio

31,989 Listeners

Planet Money by NPR

Planet Money

30,706 Listeners

Global News Podcast by BBC World Service

Global News Podcast

7,601 Listeners

WSJ What’s News by The Wall Street Journal

WSJ What’s News

4,332 Listeners

The McKinsey Podcast by McKinsey & Company

The McKinsey Podcast

382 Listeners

PwC's accounting podcast by PwC

PwC's accounting podcast

183 Listeners

How I Built This with Guy Raz by Guy Raz | Wondery

How I Built This with Guy Raz

30,187 Listeners

The Accounting Podcast by Blake Oliver & David Leary

The Accounting Podcast

334 Listeners

The Indicator from Planet Money by NPR

The Indicator from Planet Money

9,532 Listeners

Inside the Strategy Room by McKinsey & Company

Inside the Strategy Room

172 Listeners

The Journal. by The Wall Street Journal & Spotify Studios

The Journal.

6,066 Listeners

Cautionary Tales with Tim Harford by Pushkin Industries

Cautionary Tales with Tim Harford

5,151 Listeners

The Audit Podcast by Trent Russell

The Audit Podcast

119 Listeners

AUDIT 15 FUN by Jon Taber

AUDIT 15 FUN

16 Listeners

HBR On Leadership by Harvard Business Review

HBR On Leadership

166 Listeners