To get more out of the existing IT resources, to reduce datacenter costs in physical infrastructure and to increase availability of hardware and applications for improved business continuity, businesses are virtulizing the infromation technology assets more than ever. VMware, Cisco, Oracle, EMC and other leading vendors have revolutionized this nascent industry into a multi-billion dollar market.
Auditing virtualization technology is the focus of many IT auditors as new potential threats and exploits arises everyday. In addition, there are a vast number of complex configuration options that security administrators need to understand.Virtualization technologies also connect to network infrastructure and storage networks and require careful audit planning with regard to access controls, segregation of duties, and security controls.
There is very little guidance from the regulatory agencies like PCAOB, PCI and SEC on how to address new audit issues presented with virtualization. Checklist 2.0 virtualization center is developed to help IT managers, auditors and experts to come together and build the virtualization best practices to address new risk and audit areas. It also offers guidance on developing audit review processes that can be applied to virtualization, including how to use virtualization to enhance audit processes.