AbstractThis research aimed to establish the impacts of shared responsibility models on the roles and responsibilities of IT auditors working in SaaS settings. A qualitative secondary data collection method was adopted, and data from the postdoctoral digital auditing thesis of Olsder (2023) was used. Based on the research, it was noted that the shared responsibility models help to describe the security responsibilities clearly; however, their application depends on the shared understanding of responsibilities and acceptable ways of their implementation in specific organizational settings. The challenges that IT auditors have to deal with in SaaS environments include evaluating security in highly decentralized systems, problems associated with the misconfiguration of the identity and (access) directory environment, issues with cloud providers’ transparency, and issues related to data privacy and confidentiality. Moreover, shared responsibility models have broadened the range of competencies for IT auditors considerably, thus demanding their increased appreciation of cloud architectures and different interpretations of security responsibilities. Recommendations made are as follows: Conduct training programs periodically to enhance the IT auditors’ knowledge base of cloud architectures and other emerging security threats; Work in closer coordination between the IT auditors, cloud service providers, and user organizations; and establish appropriate guidelines and other standard forms of sample frameworks for shared responsibility models for assessment and implementation. The future research directions have been discussed: The outcomes of differing implementation strategies to shared responsibility models within sectors have yet to be examined. However, further papers could consider the effectiveness of various strategies accomplished with this model in the IT sectors. The effects of advanced technologies on cloud IT auditing have yet to be discussed and might be considered in the forthcoming research papers. Further papers might probe the long-term consequences of shared responsibility models on organizational security postures as well as the long-term.
Last Completed Projects
| topic title | academic level | Writer | delivered |
|---|