Reducing Implementation Efforts in Continuous Auditing Certification Via an Audit API
Continuous auditing reduces the frequency in which compliance is verified. This results in more trustworthiness for the cloud service and therefore lowers the barrier of adopting cloud for customers in high-risk sectors such as banking. However, implementing continuous auditing as of today is a tedious task and not standardized, which leaves the service providers implementing the whole audit process and the technical infrastructure. We are proposing a solution for this problem by defining a standardized way of establishing the continuous auditing process for an IT infrastructure as well as providing the necessary tools as a reference implementation. In this paper we present how complexity in setting up the technical requirements for continuous auditing can be highly reduced by providing an easy to implement Audit API and continuous auditing methodology.