By the end of this course, information systems auditors/internal auditors should be able to perform audits on cloud-based infrastructure in line with their audit objectives.

The course covers IT audit principles and cloud computing basics, including cloud service models, architecture, and risk evaluation. Participants will explore cloud infrastructure setup, public cloud deployment models, and major platforms like AWS, Azure, and GCP, along with cloud governance and risk assessment using the shared responsibility model.

Key frameworks such as CSA-CCM, NIST 800, and ISO 27017 are discussed, focusing on internal controls, identifying weaknesses, and using the cloud control matrix. Testing various cloud controls (applications, GRC, IAM, data security, and more) is covered, along with evidence gathering, documentation, and effective reporting and follow-ups.

Member: Ksh. 50,000

Non - Member: Ksh.56,000

CPE: 21 Hours