NORTH AMERICA EMEA ASIA
All programs BankAudit 2013 InfoSec World Conference & Expo 2013 SuperStrategies Conference & Expo 2013 The Conference on Big Data Security
All programs The Audit Directors & Managers Symposium The MIS Audit Leadership Institute The MIS CAE Master's Program
ABOUT MIS INTERNAL AUDIT IT AUDIT INFO SECURITY IN-HOUSE TRAINING  
 
     Conferences            >      Seminars            >      Symposia            >      Webinars      Online Self Study      Training Weeks      In-House Training      Certificate Programs>      Exhibiting Info      Ways to Save      Request Info      Event Downloads      White Papers      Call for Instructors      Contact MIS      Site Map
Internal Audit IT Audit Info Security
Internal Audit IT Audit Info Security
Audit and Security for Cloud-Based Services - ASN305 
Security and Control Considerations for Cloud Computing Architectures
Learning Level: Intermediate
CPEs: 16 Fee: $1,895.00
Focus Features Who Should Attend Agenda Register
Agenda

What You Will Learn
1. Cloud-Based Computing: An Architectural Overview
- application architectures
- the SPI Cloud Computing Model
- key drivers for moving towards cloud-based services

2. Software as a Service (SaaS)
- key enterprise applications
- the SaaS transaction model(s)
- SaaS security and audit concerns

3. Platform as a Service (PaaS)
- major development providers/platforms
- PaaS security and audit concerns

4. Infrastructure as a Service (IaaS)
- host security in the cloud
- network security in the cloud
- data storage/SAN in a cloud IaaS environment
- cloud bursting
- virtualization models for cloud-based services: Hypervisor VM and inter VM isolation
- cloud-based security domains: virtualized security/firewalls
- IaaS security and audit concerns

5. Cloud-Based Network Models
- private cloud architectures
- hybrid architectures
- public architectures
- de-perimiterization of networks: secure access from any device, anywhere

6. Brokered Cloud Services
- cloud aggregators
- cloud brokers
- cloud management service portals

7. Security as a Service
- identity management as a service
- security event monitoring/IDS as a service
- vulnerability management as a service
- data leakage prevention as a service/Web filtering, e-mail filtering

8. Cloud-Based Security Standards and Dependencies
- directories and identity management
- federated identities
- emerging security Standards: SPML, XACML, OAuth, OpenID, others

9. Governance in a Cloud Services Environment
- key performance indicators
- audit trails for cloud-based services
- service level agreements, licensing
- legal complexities: data privacy, globalization, trans-border constraints
- third-party assessments and certifications: SAS70, ISO 27001

10. Disaster Recovery in a Cloud-Based Environment
- SPI HA architectures
- virtualized environments and their impact on disaster recovery
- updating and testing disaster recovery plans

11. Cloud Security and Audit
- key risks and audit concerns
- identifying key controls and mitigations
- cloud-based risk analysis models: ENISA, NIST, CSA
- security best-practices models for cloud-based services
- audit techniques and tests in a cloud-based environment

 
REGISTRATION QUESTIONS?
For questions about your registration, government and team discounts, or multiple registrations, please call Linda Ronconi at (508) 879-7999, ext. 501 or e-mail mis@misti.com.

IN-HOUSE SEMINARS
This seminar is available in-house. For more information about bringing this or other MIS seminars to your organization, please call Mimi Hatch at (410) 692-2465 or e-mail mhatch@misti.com.

 


Dates/Locations
March 21 - 22, 2013
San Diego
June 13 - 14, 2013
New York
October 22 - 23, 2013
Boston