Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Reducing Implementation Efforts in Continuous Auditing Certification Via an Audit API

: Knoblauch, Dorian; Banse, Christian


Institute of Electrical and Electronics Engineers -IEEE-:
IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2019. Proceedings : Napoli, Italy, 12-14 June 2019
Piscataway, NJ: IEEE, 2019
ISBN: 978-1-7281-0676-2
ISBN: 978-1-7281-0677-9
International Conference on Enabling Technologies - Infrastructure for Collaborative Enterprises (WETICE) <28, 2019, Napoli>
Fraunhofer AISEC ()
Fraunhofer FOKUS ()

Continuous auditing reduces the frequency in which compliance is verified. This results in more trustworthiness for the cloud service and therefore lowers the barrier of adopting cloud for customers in high-risk sectors such as banking. However, implementing continuous auditing as of today is a tedious task and not standardized, which leaves the service providers implementing the whole audit process and the technical infrastructure. We are proposing a solution for this problem by defining a standardized way of establishing the continuous auditing process for an IT infrastructure as well as providing the necessary tools as a reference implementation. In this paper we present how complexity in setting up the technical requirements for continuous auditing can be highly reduced by providing an easy to implement Audit API and continuous auditing methodology.