It is undeniable that Cloud Computing becomes very popular in modern business. However, from some cases, there are evidences that it has affected personal privacy. Therefore, the need to review current traditional information systems auditing method becomes meaningful. In this research, the nature of the risks brought from cloud computing was explored; threat analysis has been done using Whitman's (2010) 14-category of threats. Finally, Weber's (1998) controls framework was reviewed to find out any gap existing in cloud computing information systems auditing.