Reducing Implementation Efforts in Continuous Auditing Certification Via an Audit API

Knoblauch, Dorian; Banse, Christian

2019

Conference Paper

Abstract

Continuous auditing reduces the frequency in which compliance is verified. This results in more trustworthiness for the cloud service and therefore lowers the barrier of adopting cloud for customers in high-risk sectors such as banking. However, implementing continuous auditing as of today is a tedious task and not standardized, which leaves the service providers implementing the whole audit process and the technical infrastructure. We are proposing a solution for this problem by defining a standardized way of establishing the continuous auditing process for an IT infrastructure as well as providing the necessary tools as a reference implementation. In this paper we present how complexity in setting up the technical requirements for continuous auditing can be highly reduced by providing an easy to implement Audit API and continuous auditing methodology.

Author(s)

Knoblauch, Dorian

Fraunhofer-Institut für Offene Kommunikationssysteme FOKUS

Banse, Christian

Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC

Hauptwerk

IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2019. Proceedings

Konferenz

International Conference on Enabling Technologies - Infrastructure for Collaborative Enterprises (WETICE) 2019

Options

Reducing Implementation Efforts in Continuous Auditing Certification Via an Audit API