cloud infrastructure audit

flying by the seat of the pants must have been a great experience for the magnificent men in the flying machines of days gone by, but no one would think of taking that risk with the lives of 500 passengers on a modern aircraft…

“the business managers of a modern enterprise should not have to take that risk either. We must develop standard cloud metrics and ROI models, so that they can have instruments to measure success

Dr Chris Harding, author and philosopher

What is a cloud infrastructure audit?

A cloud infrastructure audit is an examination of a cloud computing instance through inquiry, physical inspection, observation, confirmation and analytics procedures.

It is the result of a constant three-way negotiation between the organisation, the cloud service provider (CSP), and end users,  to ensure productivity while maintaining security.

What is included in a cloud audit? 

Primary goals

The primary goals are to determine if the information system and its maintainers are:

  • meeting legal expectations around protection of customer data
  • protecting the company against security threats
  • contributing towards business goals and objectives
  • positioned to meet future business needs.


The audit will form an opinion over the design and operational effectiveness of controls in the following areas:

  • communication
  • security incidents
  • network security
  • logical and physical access
  • system operations
  • system development or change management
  • risk management
  • data management
  • vulnerability and remediation management
  • organisational adoption and compliance

This body of work can be completed by an in-house resource but there are obvious advantages of objectivity and credibility with internal stakeholders, when an independent third-party independent group is engaged.

Cloud Infrastructure Audit

MobileCorp cloud audit professional service

A MobileCorp cloud audit will:

  • collect information on the organisation’s cloud-based information systems, practices, policies and operations
  • provide a detailed assessment of the current infrastructure design and its ability to meet business objectives
  • critically analyse the information for compliance, threats, or opportunities for process improvement
  • provide audit documentation highlighting opportunities and threats, and presenting recommendations for consideration


The outcomes of a MobileCorp cloud infrastructure audit are:

  1. clarity and reassurance
  2. risk mitigation
  3. identification of opportunities for improvement
  4. legal and regulatory compliance (if relevant)