Will Risk Rain on Your Move to the Cloud?

The role of Internal Audit in the Digital Enterprise


Cloud computing has taken the business world by storm. And with it comes a potential deluge of risks. This whitepaper examines a few issues Internal Audit should consider as it guides the risk conversation with IT and the business.

To aid in this conversation, this paper discusses a comprehensive risk framework tool that can be developed and customized to help address specific issues that impact the organization. It also offers proactive steps IA functions should consider as the organization adopts cloud computing initiatives:

  • Engage stakeholders in informed discussions about the risk implications of cloud computing
  • Review the current organizational risk framework based on cloud risks that have been identified
  • Develop risk-mitigation strategies to help minimize the risks that accompany cloud computing
  • Review and better understand the organization’s data governance program
  • Evaluate potential cloud vendors from a risk perspective

As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.