IT Audit How to design effective IT audits and internal controls with Azure

23-08-05


It's been a while since I've posted.

I've had a lot of things going on lately that have kept me from writing.

I apologize if you've been waiting for a continuity of content.

Despite the delay, I'll make sure to finish each piece of content without interruption.


If there's a topic you'd like to see me cover, feel free to drop me a line.

I'm also available to talk about job hunting and other difficult experiences in the workplace.

Currently, I am working at one of the Big 4 accounting firms in Korea, and I also receive consulting inquiries.


This time, let's take a look at what features you need to understand when it comes to ITGC for companies using Azure.

I'll also discuss what populations to look for, and what advantages/disadvantages there are compared to AWS.

(I'm writing this in a bit of a rush, so some of this may change in the future)


[Azure's features]


1. Azure Active Directory (Azure AD):

Azure AD (renamed Microsoft Entra ID in July 2023; the portal still shows both names) is the cloud identity service behind Azure. It is not a hosted copy of on-premises Active Directory Domain Services (that is a separate product, Azure AD Domain Services), but it covers what an auditor needs from an identity system: users, groups, directory roles, application registrations, and the sign-in and audit logs for all of them. Access to Azure resources is granted to Azure AD identities through Azure RBAC (item 2).

Enforce multi-factor authentication (MFA) for every account that reaches critical resources, and for all administrators without exception. In Azure AD this is done with Conditional Access policies (or Security Defaults on tenants without a Premium licence). When reviewing the control, pull the policy itself and check its exclusion groups, since a broad exclusion quietly defeats the requirement.


2. Azure Role-Based Access Control (RBAC):

Azure RBAC is how permissions on Azure resources are granted. A role assignment ties together a principal (user, group, service principal or managed identity), a role definition (built-in roles such as Owner, Contributor, Reader and User Access Administrator, or a custom role) and a scope: management group, subscription, resource group or a single resource.

Assignments inherit downward, so Owner on a subscription is Owner on every resource group and resource inside it. This is what makes least privilege possible (grant a narrow role at a narrow scope) and also what auditors should look for first: a handful of broad assignments at management-group or subscription scope usually explains most of the effective privilege in a tenant. Note that Azure AD directory roles (Global Administrator and the like) are a separate system from Azure RBAC, even though a Global Administrator can elevate itself to User Access Administrator over all subscriptions.
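As an added example (not code from the original post), the following script reviews a role-assignment export for the broad grants described above. It assumes the input has the shape of `az role assignment list --all --include-inherited -o json` (fields principalName, principalType, roleDefinitionName, scope); the assignments, subscription ID and names in the sample are constructed, and the set of roles treated as privileged is an assumption you would tune per engagement.

```python
"""Flag broad or risky Azure RBAC assignments in an export.

Added example; not the original post's code. Input shape assumed to match
`az role assignment list --all --include-inherited -o json`. Sample data constructed.
"""
import json
import re

# Assumption: roles that can change other people's access or take over a scope.
PRIVILEGED_ROLES = {"Owner", "User Access Administrator", "Contributor"}

SUB = "/subscriptions/00000000-0000-0000-0000-000000000001"  # made-up subscription

# Constructed sample export.
SAMPLE_EXPORT = json.dumps([
    {"principalName": "alice@contoso.com", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "sg-platform-admins", "principalType": "Group",
     "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "bob_partner.com#EXT#@contoso.onmicrosoft.com", "principalType": "User",
     "roleDefinitionName": "Contributor", "scope": SUB + "/resourceGroups/rg-erp"},
    {"principalName": "carol@contoso.com", "principalType": "User",
     "roleDefinitionName": "Reader", "scope": SUB + "/resourceGroups/rg-erp"},
    {"principalName": "sp-deploy", "principalType": "ServicePrincipal",
     "roleDefinitionName": "User Access Administrator",
     "scope": "/providers/Microsoft.Management/managementGroups/corp-root"},
])


def scope_level(scope: str) -> str:
    """Classify an RBAC scope string by how broad it is."""
    if scope.startswith("/providers/Microsoft.Management/managementGroups/"):
        return "managementGroup"
    if re.fullmatch(r"/subscriptions/[^/]+", scope):
        return "subscription"
    if re.fullmatch(r"/subscriptions/[^/]+/resourceGroups/[^/]+", scope, re.IGNORECASE):
        return "resourceGroup"
    return "resource"


def is_guest(principal_name: str) -> bool:
    """B2B guest accounts carry the #EXT# marker in their UPN."""
    return "#EXT#" in principal_name


def review_assignments(export_json: str) -> list:
    """Return one finding per assignment an auditor should sample or challenge."""
    findings = []
    for a in json.loads(export_json):
        level = scope_level(a["scope"])
        privileged = a["roleDefinitionName"] in PRIVILEGED_ROLES
        reasons = []
        # Privileged role given to a person directly at broad scope: expect a group (or PIM) instead.
        if privileged and level in ("managementGroup", "subscription") and a["principalType"] == "User":
            reasons.append("privileged role granted directly to a user at broad scope")
        # Automation identity that can hand out access across the whole hierarchy.
        if privileged and a["principalType"] == "ServicePrincipal" and level == "managementGroup":
            reasons.append("service principal holds privileged role at management-group scope")
        if privileged and is_guest(a["principalName"]):
            reasons.append("privileged role granted to a guest account")
        if reasons:
            findings.append({"principal": a["principalName"], "role": a["roleDefinitionName"],
                             "scope_level": level, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in review_assignments(SAMPLE_EXPORT):
        print(f"{f['principal']:50} {f['role']:26} {f['scope_level']:16} {'; '.join(f['reasons'])}")
```

The group assignment and the resource-group Reader pass; the direct subscription Owner, the guest Contributor and the management-group service principal are the three rows you would take to the control owner.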


3. Azure Policy:

Azure Policy lets you define rules that Azure evaluates against resources at deployment time and continuously afterwards. Typical rules restrict the regions resources may be created in, require specific tags, block public IP addresses or unencrypted storage, or require diagnostic logging to be switched on.

Each rule carries an effect: deny blocks the non-compliant deployment, audit only records it as non-compliant in the compliance dashboard, and deployIfNotExists or modify remediate it. For an audit the distinction matters, because an audit-effect policy with a long list of non-compliant resources is evidence of a detective control nobody acted on, not of a preventive control.
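To make the rule shape and the deny/audit difference concrete, here is an added example (not code from the original post or from Microsoft). The two policy rules use the real Azure Policy JSON grammar (if/then, field, in, exists, not) and could be passed as the rules of `az policy definition create`; the evaluator under them is a deliberately small stand-in for Azure's engine that supports only the operators used here, and the resources are constructed samples.

```python
"""Two Azure Policy rules and a minimal evaluator showing what each does to a resource.

Added example; not the original post's code. The evaluator is a toy stand-in for
Azure's policy engine (assumption: only the operators used here are supported).
"""
from typing import Optional

# Rule 1: block resources created outside the approved regions (an "allowed locations" rule).
ALLOWED_LOCATIONS_RULE = {
    "if": {"not": {"field": "location", "in": ["koreacentral", "koreasouth"]}},
    "then": {"effect": "deny"},
}

# Rule 2: only flag resources missing an owner tag, so they appear as non-compliant
# in the compliance dashboard but the deployment still goes through.
REQUIRED_TAG_RULE = {
    "if": {"field": "tags['owner']", "exists": "false"},
    "then": {"effect": "audit"},
}


def _field_value(resource: dict, field: str):
    """Resolve a field alias such as 'location', 'type' or "tags['owner']"."""
    if field.startswith("tags['") and field.endswith("']"):
        return resource.get("tags", {}).get(field[6:-2])
    return resource.get(field)


def condition_matches(cond: dict, resource: dict) -> bool:
    """Evaluate one condition block (not / allOf / anyOf / field operators)."""
    if "not" in cond:
        return not condition_matches(cond["not"], resource)
    if "allOf" in cond:
        return all(condition_matches(c, resource) for c in cond["allOf"])
    if "anyOf" in cond:
        return any(condition_matches(c, resource) for c in cond["anyOf"])
    value = _field_value(resource, cond["field"])
    if "in" in cond:
        return value in cond["in"]
    if "equals" in cond:
        return value == cond["equals"]
    if "exists" in cond:
        return (value is not None) == (str(cond["exists"]).lower() == "true")
    raise ValueError(f"unsupported condition: {cond}")


def evaluate(rule: dict, resource: dict) -> Optional[str]:
    """Effect the rule applies ('deny', 'audit', ...), or None when the resource is compliant."""
    if condition_matches(rule["if"], resource):
        return rule["then"]["effect"]
    return None


def evaluate_all(rules: list, resource: dict) -> list:
    """Effects of every rule that fires; a single 'deny' is enough to block a deployment."""
    return [e for e in (evaluate(r, resource) for r in rules) if e]


# Constructed sample resources.
SAMPLE_RESOURCES = [
    {"name": "vm-erp-01", "type": "Microsoft.Compute/virtualMachines",
     "location": "koreacentral", "tags": {"owner": "erp-team"}},
    {"name": "vm-test-99", "type": "Microsoft.Compute/virtualMachines",
     "location": "westus", "tags": {"owner": "dev"}},
    {"name": "st-logs", "type": "Microsoft.Storage/storageAccounts",
     "location": "koreasouth", "tags": {}},
]

if __name__ == "__main__":
    for r in SAMPLE_RESOURCES:
        effects = evaluate_all([ALLOWED_LOCATIONS_RULE, REQUIRED_TAG_RULE], r)
        print(f"{r['name']:12} {effects or 'compliant'}")
```

The storage account without an owner tag is deployed anyway and only shows up as non-compliant; if the control requires tagging, the rule needs the deny effect, and that is the question to put to whoever assigned the policy.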


4. Azure Security Center (now Microsoft Defender for Cloud):

Security Center was renamed Microsoft Defender for Cloud in late 2021. The free tier is the cloud security posture management part; the paid Defender plans add workload protection for VMs, databases, storage, containers and Key Vault.

It shows the current posture as a secure score, lists recommendations (many of which map directly to ITGC control points: MFA on privileged accounts, auditing enabled on SQL servers, disk encryption, management ports closed), and with the Defender plans enabled raises alerts for vulnerabilities and suspicious activity. For an audit the useful evidence is the recommendation history and who resolved or dismissed each item, not just the score on the day of the walkthrough.


5. Azure Key Vault:

Key Vault stores and controls access to secrets (connection strings, passwords, API keys), cryptographic keys and certificates, so that they stay out of application configuration files and source code.

Access is controlled per vault with Azure RBAC or the older vault access policies, and every operation can be logged to a Log Analytics workspace through a diagnostic setting. For an auditor that log is the population of who read or changed which secret and when; also confirm that soft-delete and purge protection are on, which stops a deleted key or certificate from being destroyed irrecoverably by one account.


6. Azure Network Security Groups (NSGs):

NSGs filter traffic to and from resources in a virtual network. An NSG is an ordered list of allow/deny rules matched on source and destination (IP address, CIDR range, service tag or application security group), port and protocol. Rules are evaluated by priority number and the first match wins, with default rules at the bottom that allow traffic inside the virtual network and deny all other inbound traffic. The usual finding is an inbound allow rule for management ports (RDP 3389, SSH 22) from Any or from an overly wide range.


7. Azure Sentinel (now Microsoft Sentinel):

Sentinel is the cloud-native SIEM. It sits on top of a Log Analytics workspace, ingests Azure AD sign-in and audit logs, the Activity Log, Defender for Cloud alerts and third-party sources through data connectors, and runs analytics rules written in Kusto Query Language (KQL) to turn events into incidents.

As a security information and event management (SIEM) tool it lets the security team analyse and respond to events in near real time. For an audit it is mainly evidence that monitoring exists and is acted on: the analytics rules in force, the incident list, and who closed each incident and why.


8. Azure Disk Encryption:

Azure Disk Encryption encrypts the OS and data disks of virtual machines inside the guest, using BitLocker on Windows and dm-crypt on Linux, with the keys and secrets stored in Azure Key Vault. Note that managed disks are already encrypted at rest with platform-managed keys by default (server-side encryption); Disk Encryption, or server-side encryption with customer-managed keys, is what you enable when the control requires the organisation to hold and rotate the keys itself.


9. Azure Information Protection:

Azure Information Protection (its labelling features now live in Microsoft Purview Information Protection) classifies documents and e-mail with sensitivity labels and applies the protection attached to each label: encryption, access restrictions, watermarks. It matters for ITGC mainly where the confidentiality of financial data is in scope.


10. Azure Backup and Azure Site Recovery:

Azure Backup takes scheduled backups of VMs, Azure SQL, file shares and on-premises workloads into a Recovery Services vault, according to a backup policy that defines frequency and retention. Azure Site Recovery replicates workloads to another region for disaster recovery and supports failover tests. Together they are the mechanism behind the backup and recovery control; the evidence is the policy, the job history and a documented restore test, not the mere existence of the service.


Mapped onto ITGC, these features support the following control topics.


[Example ITGC controls]

1. Account creation and authorization

2. Account lockout and authorization revocation

3. Authentication and passwords

4. Admin privileges

5. Data changes (DDL/DML) and DB instance changes

6. Batch job permissions

7. Batch job change management

8. Measures for batch job failures

9. Data backup and recovery


I'll go into more detail in the future when I get a chance, but in a nutshell, here's how to design internal controls and draw populations for each topic in Azure.


[Populations to review in Azure related to ITGC]


1. Account creation and authorization:

The history of account creation and permission grants comes from the Azure AD audit logs (portal: Azure Active Directory > Audit logs, or the Microsoft Graph endpoint auditLogs/directoryAudits). Filter on activities such as "Add user", "Add member to group" and "Add member to role", and use the initiatedBy field to see who performed each action. One caveat: the tenant keeps audit logs for only 30 days (7 on the free tier), so for an audit period of a year the logs must already have been exported through a diagnostic setting to a Log Analytics workspace or storage account; confirm that the export was in place for the whole period before relying on it.


2. Account lockouts and privilege revocations:

To test timely revocation, you need the history of accounts being disabled, deleted or stripped of privileges. This is again the Azure AD audit log: "Update user" events where the AccountEnabled property changed to false, "Delete user", "Remove member from group" and "Remove member from role". Compare the dates against the HR leaver list rather than reading the log on its own. Lockouts are a separate population: a locked account appears in the Azure AD sign-in logs as failed sign-ins (Azure AD smart lockout), and Microsoft Defender for Cloud (formerly Security Center) raises security alerts for suspicious sign-in activity.


3. Authentication and passwords:

For cloud accounts the evidence is in Azure AD itself: the sign-in logs show each authentication and whether MFA was required and satisfied (the authenticationRequirement and authenticationDetails fields), the Conditional Access policies show where MFA is enforced, and the authentication methods policy shows which second factors are allowed. Password complexity for cloud-only accounts is fixed by Azure AD and cannot be weakened, but check Azure AD Password Protection (banned passwords, smart lockout thresholds) and, for hybrid tenants, the on-premises domain password policy that synchronised users actually follow.


4. Privileges:

Special privileges come in two layers. Azure AD directory roles (Global Administrator, Privileged Role Administrator, User Administrator and so on) govern who can create accounts and grant roles to others; the current membership comes from Azure Active Directory > Roles and administrators or, where Privileged Identity Management (PIM) is in use, the list of eligible and active assignments plus the activation history. Azure RBAC role assignments govern what each identity can do to resources; list them with `az role assignment list --all --include-inherited` and review Owner, Contributor and User Access Administrator at management-group and subscription scope. Grants of either kind leave a trail: "Add member to role" in the Azure AD audit log for directory roles, and Microsoft.Authorization/roleAssignments/write in the Activity Log for RBAC.
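As an added example (not code from the original post), the script below turns an Azure AD audit-log export into the populations for items 1, 2 and 4 above and runs one segregation-of-duties check over the role grants. It assumes records in the shape returned by the Microsoft Graph auditLogs/directoryAudits endpoint (activityDisplayName, activityDateTime, result, initiatedBy, targetResources with modifiedProperties, where property values arrive JSON-encoded); all records, tenant and user names are constructed samples.

```python
"""Account-creation, removal and directory-role-grant populations from an Azure AD audit export.

Added example; not the original post's code. Record layout assumed to follow the Graph
auditLogs/directoryAudits resource. Sample records constructed.
"""
import json

SAMPLE_AUDIT_LOG = json.dumps([
    # successful creation
    {"activityDisplayName": "Add user", "activityDateTime": "2023-07-03T01:12:00Z", "result": "success",
     "initiatedBy": {"user": {"userPrincipalName": "itadmin@contoso.com"}},
     "targetResources": [{"type": "User", "userPrincipalName": "newhire@contoso.com", "modifiedProperties": []}]},
    # failed creation: not a population item
    {"activityDisplayName": "Add user", "activityDateTime": "2023-07-03T01:13:00Z", "result": "failure",
     "initiatedBy": {"user": {"userPrincipalName": "itadmin@contoso.com"}},
     "targetResources": [{"type": "User", "userPrincipalName": "typo@contoso.com", "modifiedProperties": []}]},
    # directory role granted to the new hire
    {"activityDisplayName": "Add member to role", "activityDateTime": "2023-07-03T01:14:00Z", "result": "success",
     "initiatedBy": {"user": {"userPrincipalName": "itadmin@contoso.com"}},
     "targetResources": [{"type": "User", "userPrincipalName": "newhire@contoso.com", "modifiedProperties": [
         {"displayName": "Role.DisplayName", "oldValue": None, "newValue": "\"Helpdesk Administrator\""}]}]},
    # admin grants Global Administrator to themselves
    {"activityDisplayName": "Add member to role", "activityDateTime": "2023-07-10T07:30:00Z", "result": "success",
     "initiatedBy": {"user": {"userPrincipalName": "itadmin@contoso.com"}},
     "targetResources": [{"type": "User", "userPrincipalName": "itadmin@contoso.com", "modifiedProperties": [
         {"displayName": "Role.DisplayName", "oldValue": None, "newValue": "\"Global Administrator\""}]}]},
    # leaver disabled by the HR sync, then deleted
    {"activityDisplayName": "Update user", "activityDateTime": "2023-07-20T09:00:00Z", "result": "success",
     "initiatedBy": {"user": {"userPrincipalName": "hr-sync@contoso.com"}},
     "targetResources": [{"type": "User", "userPrincipalName": "leaver@contoso.com", "modifiedProperties": [
         {"displayName": "AccountEnabled", "oldValue": "[true]", "newValue": "[false]"}]}]},
    {"activityDisplayName": "Delete user", "activityDateTime": "2023-08-01T09:00:00Z", "result": "success",
     "initiatedBy": {"user": {"userPrincipalName": "itadmin@contoso.com"}},
     "targetResources": [{"type": "User", "userPrincipalName": "leaver@contoso.com", "modifiedProperties": []}]},
])


def _actor(rec: dict) -> str:
    """Who performed the action: a signed-in user, otherwise an application (e.g. a sync job)."""
    by = rec.get("initiatedBy") or {}
    if by.get("user"):
        return by["user"].get("userPrincipalName") or "unknown-user"
    if by.get("app"):
        return by["app"].get("displayName") or "unknown-app"
    return "unknown"


def _property(target: dict, name: str):
    """Decoded newValue of a modifiedProperties entry (values are JSON-encoded strings), or None."""
    for p in target.get("modifiedProperties", []):
        if p.get("displayName") == name and p.get("newValue") is not None:
            try:
                return json.loads(p["newValue"])
            except ValueError:
                return p["newValue"]
    return None


def build_populations(export_json: str) -> dict:
    """Split successful directory events into the created / removed / role_granted populations."""
    pops = {"created": [], "removed": [], "role_granted": []}
    for rec in json.loads(export_json):
        if rec.get("result") != "success":
            continue  # failures are not population items (but failed admin actions are worth a look)
        name, when, actor = rec["activityDisplayName"], rec["activityDateTime"], _actor(rec)
        for t in rec.get("targetResources", []):
            if t.get("type") != "User":
                continue
            item = {"date": when, "target": t.get("userPrincipalName"), "actor": actor}
            if name == "Add user":
                pops["created"].append(item)
            elif name == "Delete user":
                pops["removed"].append({**item, "how": "deleted"})
            elif name == "Update user" and _property(t, "AccountEnabled") == [False]:
                pops["removed"].append({**item, "how": "disabled"})
            elif name == "Add member to role":
                pops["role_granted"].append({**item, "role": _property(t, "Role.DisplayName")})
    return pops


def self_granted_roles(pops: dict) -> list:
    """Segregation-of-duties check: role grants where grantor and beneficiary are the same account."""
    return [g for g in pops["role_granted"] if g["actor"] == g["target"]]


if __name__ == "__main__":
    pops = build_populations(SAMPLE_AUDIT_LOG)
    for key, items in pops.items():
        print(f"{key}: {len(items)} item(s)")
        for it in items:
            print("   ", it)
    print("self-granted roles:", self_granted_roles(pops))
```

Each item in the result carries the actor, so the next step (matching against the approval ticket for each creation or grant, and the HR leaver date for each removal) can be done on the same rows; the self-granted Global Administrator in the sample is the kind of row that has no valid ticket behind it.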


5. Data changes (DDL/DML) and DB instance changes:

DDL and DML history for Azure SQL Database comes from Azure SQL auditing, which records executed statements together with the executing principal, time and result. Auditing is off by default and has to be configured at the server or database level with a destination (storage account, Log Analytics workspace or Event Hubs); before using the log as a population, confirm from the auditing settings and the Activity Log that it was enabled for the whole period and that nobody switched it off in between.

Changes to the database instance itself (creating or deleting a database, changing the service tier, firewall rules, transparent data encryption or the auditing settings) are control-plane operations recorded in the Azure Activity Log, which you can query through Azure Monitor or a Log Analytics workspace. The Activity Log is kept for 90 days in the portal, so, as with the Azure AD logs, a diagnostic setting exporting it is needed for longer audit periods.

DB instance changes deserve their own control whenever the database is managed in a cloud such as AWS or Azure, because an administrator with rights on the cloud resource can change or delete the instance directly at the cloud level without ever logging in to the database.
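The following added example (not code from the original post) builds both halves of the item 5 population: it classifies SQL audit statements as DDL, DML or DCL and filters the Activity Log for instance-level changes. It assumes the SQL audit rows use the AzureDiagnostics column names that Azure SQL auditing writes to a Log Analytics workspace (action_name_s, statement_s, server_principal_name_s, event_time_t, succeeded_s) and that the activity events use the fields returned by `az monitor activity-log list` (operationName.value, caller, status.value, eventTimestamp, resourceId); every row and event below is constructed.

```python
"""DDL/DML/DCL population from Azure SQL audit rows plus instance changes from the Activity Log.

Added example; not the original post's code. Column and field names are assumed to match
Log Analytics AzureDiagnostics and `az monitor activity-log list` output. Samples constructed.
"""
import re

DDL = {"CREATE", "ALTER", "DROP", "TRUNCATE"}
DML = {"INSERT", "UPDATE", "DELETE", "MERGE"}
DCL = {"GRANT", "REVOKE", "DENY"}

# Constructed SQL audit rows (AzureDiagnostics, Category == "SQLSecurityAuditEvents").
SAMPLE_SQL_AUDIT = [
    {"event_time_t": "2023-07-05T02:10:11Z", "server_principal_name_s": "dba_kim", "succeeded_s": "true",
     "action_name_s": "BATCH COMPLETED", "statement_s": "ALTER TABLE dbo.Journal ADD ApprovedBy nvarchar(64)"},
    {"event_time_t": "2023-07-05T02:11:40Z", "server_principal_name_s": "dba_kim", "succeeded_s": "true",
     "action_name_s": "BATCH COMPLETED", "statement_s": "UPDATE dbo.Journal SET Amount = 0 WHERE Id = 17"},
    {"event_time_t": "2023-07-05T02:12:05Z", "server_principal_name_s": "report_svc", "succeeded_s": "true",
     "action_name_s": "BATCH COMPLETED", "statement_s": "SELECT Id, Amount FROM dbo.Journal WHERE Posted = 0"},
    {"event_time_t": "2023-07-06T23:58:30Z", "server_principal_name_s": "dba_kim", "succeeded_s": "true",
     "action_name_s": "BATCH COMPLETED", "statement_s": "/* hotfix */\n  delete from dbo.Journal where Id = 17"},
    {"event_time_t": "2023-07-07T01:00:00Z", "server_principal_name_s": "dba_kim", "succeeded_s": "true",
     "action_name_s": "BATCH COMPLETED", "statement_s": "GRANT CONTROL ON DATABASE::erp TO [contractor]"},
    {"event_time_t": "2023-07-07T01:00:05Z", "server_principal_name_s": "contractor", "succeeded_s": "false",
     "action_name_s": "BATCH COMPLETED", "statement_s": "DROP TABLE dbo.Journal"},
]

SQL_SERVER = ("/subscriptions/00000000-0000-0000-0000-000000000001/resourceGroups/rg-erp"
              "/providers/Microsoft.Sql/servers/sql-erp")  # made-up resource path

# Constructed Activity Log events.
SAMPLE_ACTIVITY_LOG = [
    {"operationName": {"value": "Microsoft.Sql/servers/databases/write"}, "caller": "cloudops@contoso.com",
     "status": {"value": "Succeeded"}, "eventTimestamp": "2023-07-08T10:00:00Z",
     "resourceId": SQL_SERVER + "/databases/erp"},
    {"operationName": {"value": "Microsoft.Sql/servers/firewallRules/write"}, "caller": "cloudops@contoso.com",
     "status": {"value": "Succeeded"}, "eventTimestamp": "2023-07-09T11:30:00Z",
     "resourceId": SQL_SERVER + "/firewallRules/AllowAll"},
    {"operationName": {"value": "Microsoft.Sql/servers/databases/delete"}, "caller": "contractor@contoso.com",
     "status": {"value": "Failed"}, "eventTimestamp": "2023-07-09T12:00:00Z",
     "resourceId": SQL_SERVER + "/databases/erp"},
    {"operationName": {"value": "Microsoft.Compute/virtualMachines/start/action"}, "caller": "cloudops@contoso.com",
     "status": {"value": "Succeeded"}, "eventTimestamp": "2023-07-10T08:00:00Z",
     "resourceId": "/subscriptions/00000000-0000-0000-0000-000000000001/resourceGroups/rg-erp/providers/Microsoft.Compute/virtualMachines/vm-erp-01"},
]

# Leading block comments and line comments that precede the first keyword of a batch.
_LEADING_NOISE = re.compile(r"^\s*(?:/\*.*?\*/\s*|--[^\n]*\n\s*)*", re.DOTALL)
INSTANCE_CHANGE_OPS = re.compile(r"^Microsoft\.Sql/.+/(write|delete)$")


def statement_class(statement: str) -> str:
    """Classify a T-SQL batch by its first keyword after any leading comments."""
    body = _LEADING_NOISE.sub("", statement, count=1)
    m = re.match(r"\s*([A-Za-z]+)", body)
    kw = m.group(1).upper() if m else ""
    if kw in DDL:
        return "DDL"
    if kw in DML:
        return "DML"
    if kw in DCL:
        return "DCL"
    return "READ/OTHER"


def sql_change_population(rows: list) -> dict:
    """Successful DDL/DML/DCL batches, keyed by class. Failed batches are excluded from the
    change population but a failed DROP by a contractor is worth raising separately."""
    out = {"DDL": [], "DML": [], "DCL": []}
    for r in rows:
        if r.get("succeeded_s") != "true":
            continue
        cls = statement_class(r["statement_s"])
        if cls in out:
            out[cls].append({"time": r["event_time_t"], "principal": r["server_principal_name_s"],
                             "statement": r["statement_s"].strip()})
    return out


def instance_change_population(events: list) -> list:
    """Successful control-plane writes/deletes on Microsoft.Sql resources."""
    return [{"time": e["eventTimestamp"], "caller": e["caller"],
             "operation": e["operationName"]["value"], "resource": e["resourceId"]}
            for e in events
            if e["status"]["value"] == "Succeeded" and INSTANCE_CHANGE_OPS.match(e["operationName"]["value"])]


if __name__ == "__main__":
    for cls, items in sql_change_population(SAMPLE_SQL_AUDIT).items():
        print(cls, [(i["time"], i["principal"], i["statement"][:40]) for i in items])
    print("instance changes:", [(i["time"], i["caller"], i["operation"]) for i in instance_change_population(SAMPLE_ACTIVITY_LOG)])
```

The classifier deliberately looks past leading comments, because a `/* hotfix */` prefix is exactly how an unapproved DELETE tends to appear; the firewall-rule write in the activity sample is the instance-level change that never shows up in the database audit log at all.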


6. Batch jobs and batch job failure history:

The job list and failure history come from whichever service runs the jobs. For Azure Automation that is the runbook job history (each job with its status, start time and the identity that started it); Automation keeps job data for 30 days, so schedule an export if the audit period is longer. Scheduled batches also run in Azure Data Factory, Logic Apps and Azure Functions, and changes to runbooks or pipelines are control-plane writes visible in the Activity Log, which gives you the batch change-management population as well.


7. Data backups:

Backup settings come from the Azure Backup service: the Recovery Services vault, the backup policy attached to each protected item (schedule and retention), the list of protected items to reconcile against the inventory of in-scope VMs and databases, and the backup job history for failures. Backup Reports, enabled through a diagnostic setting on the vault, give the period-wide view. Evidence of a restore test is separate and usually has to come from the operations team.


To perform an IT audit or design internal controls in the cloud, you need to understand the platform and the features it provides.

You should be able to identify the risks that exist in the cloud, know which features are provided to maintain the integrity, confidentiality and availability of data, and know what evidence each of them leaves behind.