This situation poses a significant concern for a cloud auditor because it indicates a potential gap in

the technical team’s ability to effectively manage and secure the IaaS platform provided by the

alternative vendor. Without proper training on the specific features, security practices, and

operational procedures of the new platform, the organization may face increased risks of

misconfiguration, security vulnerabilities, and inefficiencies in cloud operations. It is crucial for the

technical team to have a comprehensive understanding of all platforms in use to ensure they can

maintain the security and performance standards required for a robust cloud environment.

Reference = The concern is based on common cloud auditing challenges, such as controlling and

monitoring user access, and ensuring the IT team is equipped to manage the cloud environment

effectively12. Additionally, best practices suggest that network segmentation, user authentication,

and access control are critical areas to address in a cloud audit3. These principles are widely

recognized in the field of cloud security and compliance.