Auditing or assessing risks related to cloud setups may seem daunting at first, especially if an IT audit and assurance professional may lack cloud computing experience. A fine book published by ISACA & ITGI can give you the necessary heads up to initiate an assurance process. It is an excellent starting point but remember that it has to be modified or customized to your specific environment. Magic templates do not exist! The book will help you initiate a cloud computing audit/assurance review dealing with the effectiveness of the service provider’s internal controls and security, amongst other GRC elements.
For more details about Isaca’s Cloud Computing Management Audit/Assurance Program book go here.