American Institute of Certified Public Accountants (AICPA),
Service Organization Control (SOC) reports, www.aicpa.org/
interestareas/accountingandauditing/resources/soc/pages/
sorhome.aspx
Cloud Security Alliance, “Security Guidance for Critical Areas
of Focus in Cloud Computing V2.1,” December 2009, USA,
https://cloudsecurityalliance.org/csaguide.pdf
International Organization for Standardization (ISO),
ISO/IEC 27001:2005, Information technology—Security
techniques—Information security management systems—
Requirements, Switzerland, 2005, www.iso.org/iso/
catalogue_detail?csnumber=42103
International Federation of Accountants (IFAC), International
Standard on Assurance Engagements (ISAE) 3402, Assurance
Reports on Controls at a Service Organization, http://web.
ifac.org/download/b014-2010-iaasb-handbook-isae-3402.pdf
ITGI, IT Assurance Guide: Using COBIT, USA, 2007
Office of Government Commerce, IT Infrastructure Library,
UK, www.itil-officialsite.com
Jansen, Wayne; Timothy Grance; National Institute of
Standards and Technology (NIST) Draft Special Publication
(SP) 800-144, Guidelines on Security and Privacy in Public
Cloud Computing, NIST, USA, 2011, http://csrc.nist.gov/
publications/drafts/800-144/Draft-SP-800-144_cloud-
computing.pdf
ENDNOTES
1 Gartner Inc., “Gartner Says Worldwide Cloud Services
Market to Surpass $68 Billion in 2010,” press release,
22 June 2010, www.gartner.com/it/page.jsp?id=1389313
2 Gadia, Sailesh; “Cloud Computing: An Auditor’s
Perspective,” ISACA Journal, vol. 6, 2009, www.isaca.
org/Journal/Past-Issues/2009/Volume-6/Pages/Cloud-
Computing-An-Auditor-s-Perspective1.aspx
3 Pepitone, Julianne; “Why Attackers Can’t Take Down
Amazon.com,” CNNMoney.com, 9 December 2010,
http://money.cnn.com/2010/12/09/technology/amazon_
wikileaks_attack/ index.htm
4 European Network and Information Security Agency
(ENISA), Cloud Computing: Benefits, Risks and
Recommendations for Information Security, Greece, 2009,
www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment
5 IT Governance Institute (ITGI), COBIT® 4. 1, USA, 2007
A CISA Exam Review in a class all its own.
Order today and receive your ISACA
Journal Discount
www.ExamMatrix.com/ISJ
www.ExamMatrix.com or 800.272.7277
ExamMatrix
Smarter, Faster
