Cloud computing services are increasingly mediating the connections. In this environment, information assurance professionals must not only address longstanding information security threats and vulnerabilities, but they also face new challenges relative to their experience in the ﬁeld just a few years—or even months—before.
This white paper advocates for continuous oversight of the wide variety of cloud services used by organizations—a set of distinct, but related, management and assurance practices that address critical emerging risk domains, including security, privacy and compliance.
Continuous oversight includes:
- Continuous assurance for data and processes
- Continuous cloud assurance
- Continuous supply chain management and oversight
- Continuous improvement (CI)