Cloud provider auditing requirement

talhorns — Wed, 30 Jan 2019 03:04:29 GMT

Dear friends,

My company needs to go through auditing by our customers (large financial firms) as part of our sales process. We use one of the major cloud providers for most of our infrastructure, and one of our clients insists on auditing the actual cloud provider. Does anyone know anything about such a process, where Azure or AWS would submit to a security audit for one their customers' customers? If so, how does one start?

Thanks!

Re: Cloud provider auditing requirement

AlecTrevelyan — Wed, 30 Jan 2019 11:06:52 GMT

You could try contacting your cloud provider and asking them, but they're very likely to point you in the direction of their SOC reports:

https://www.microsoft.com/en-us/trustcenter/compliance/soc
https://aws.amazon.com/compliance/soc-faqs/
https://cloud.google.com/security/compliance/soc-2/

topic Cloud provider auditing requirement in Tech Talk

Cloud provider auditing requirement

Re: Cloud provider auditing requirement