UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ISO/IEC TR 3445

Information technology — Cloud computing — Audit of cloud services

active, Most Current
Organization: ISO
Publication Date: 1 March 2022
Status: active
Page Count: 58
ICS Code (Cloud computing): 35.210
scope:

This document surveys aspects of the audit of cloud services including:

1) role and responsibilities of parties conducting audit and description of the interactions between the CSC, CSP, and CSN;

2) approaches for conducting audits of cloud services to facilitate confidence in delivering and using cloud services;

3) examples of available frameworks and standards which can be used for audit schemes, for certification, and for authorization.

This document builds upon the cloud auditor role as defined in ISO/IEC 17789 and ISO/IEC 22123.

This document is applicable to all types and sizes of organizations that need to plan and conduct internal or external audits, and that use, provide and support cloud services.

This document is not intended to describe certification or to identify controls that are published elsewhere.

Document History

ISO/IEC TR 3445
March 1, 2022
Information technology — Cloud computing — Audit of cloud services
This document surveys aspects of the audit of cloud services including: 1) role and responsibilities of parties conducting audit and description of the interactions between the CSC, CSP, and CSN;...

References

This document references:
ISO/IEC 22123-1 - Information technology — Cloud computing — Part 1: Vocabulary
Published by ISO on February 1, 2021
This document provides terms and definitions for vocabulary used in the field of cloud computing.
This document references:
ISO 19011 - Guidelines for auditing management systems
Published by ISO on July 1, 2018
This document provides guidance on auditing management systems, including the principles of auditing, managing an audit programme and conducting management system audits, as well as guidance on the...
This document references:
ISO 9000 - Quality management systems — Fundamentals and vocabulary
Published by ISO on September 15, 2015
This International Standard describes the fundamental concepts and principles of quality management which are universally applicable to the following: — organizations seeking sustained success...
This document references:
ISO/IEC 17000 - Conformity assessment — Vocabulary and general principles
Published by ISO on May 1, 2020
This document specifies general terms and definitions relating to conformity assessment (including the accreditation of conformity assessment bodies) and to the use of conformity assessment to...
This document references:
ISO/IEC 17021-1 - Conformity assessment - Requirements for bodies providing audit and certification of management systems - Part 1: Requirements
Published by ISO on June 15, 2015
This part of ISO/IEC 17021 contains principles and requirements for the competence, consistency and impartiality of bodies providing audit and certification of all types of management systems....
This document is referenced by:
ISO/IEC 22123-2 - Information technology — Cloud computing — Part 2: Concepts
Published by ISO on September 1, 2023
This document specifies concepts used in the field of cloud computing. These concepts expand upon the cloud computing vocabulary defined in ISO/IEC 22123-1 and provide a foundation for other...
This document is referenced by:
BS ISO/IEC 22123-2 - Information technology - Cloud computing Part 2: Concepts
Published by BSI on October 31, 2023
A description is not available for this item.
This document is referenced by:
ISO/IEC 22123-3 - Information technology — Cloud computing — Part 3: Reference architecture
Published by ISO on September 1, 2023
This document specifies the cloud computing reference architecture (CCRA).
This document is referenced by:
NEN-ISO/IEC 22123-2 - Information technology - Cloud computing - Part 2: Concepts
Published by NEN on September 1, 2023
This document specifies concepts used in the field of cloud computing. These concepts expand upon the cloud computing vocabulary defined in ISO/IEC 22123-1 and provide a foundation for other...
This document is referenced by:
BS ISO/IEC 22123-3 - Information technology - Cloud computing Part 3: Reference architecture
Published by BSI on October 31, 2023
A description is not available for this item.
View Less
View All
Advertisement