Skip Header
U.S. flag

An official website of the United States government

Regulations and Examinations

Continuing IT Training Program - Cloud Computing II

Last Updated: January 29, 2024
Share on X

Program Overview

The purpose of this training is to acquaint the students with the types of audit, security, compliance, and other assurance tools available to the platform as a service (PaaS) and infrastructure as a service (IaaS) cloud client, the types of reports that are available to the cloud client, and key control areas that are the responsibility of the cloud client. This course will focus on the control responsibilities of the cloud client to enable the student to examine financial institutions that have implemented cloud solutions. The program will look at specific solutions for both Amazon AWS and Microsoft Azure, as well as general principles for any cloud platform.

Key Objectives

Upon completion of this course, students will be able to:

  • Identify the security and compliance benefits and risks of using the cloud.
  • Discuss special governance topics (including vendor management) for cloud resources.
  • Explain client identity and access management control environments in the cloud methods to secure sensitive data.
  • Describe available client security services for risk assessment including auditing, logging, and monitoring tools.
  • Discuss how client security and auditing tools can validate whether security controls are implemented and operating effectively.
  • Describe the compliance and assurance programs of the cloud provider.

Instructional Format

Facilitated in-person classroom discussion and lectures

Duration

Four and one-half days

Level

Advanced

Target Audience

Examiners or ITEAs who will lead or participate on level B and A examinations.

This course is open to appropriate staff of the FDIC and partner government regulatory agencies. This course is not open to the public or staff of private banks.

Prerequisites

Participant should have attended ITEC, Introduction to Security, and Introduction to Telecommunications and Networking.  In addition, participants should have completed at least most of the intermediate-level IT courses; specifically, students must have completed the Virtualization course and the Cloud Computing I course (formerly Cloud Computing and Virtualization).

Pre-Course Assignment

None

Special Requirements

None

Post-Course Feedback

None

Credits

None

More Information

For more information concerning course content and administration, please e-mail cuelp@fdic.gov.