Account design in the cloud should be driven by:
Answer(s): A
What should be the control audit frequency for Business Continuity Management?
Answer(s): B
https://repository.stcloudstate.edu/cgi/viewcontent.cgi?article=1068&context=msia_etds
Which of the following should be an assurance requirement when an organization is migrating to a Software as a Service (SaaS) provider?
Answer(s): C
Access controls are an assurance requirement when an organization is migrating to a SaaS provider because they ensure that only authorized users can access the cloud services and data. Access controls also help to protect the confidentiality, integrity and availability of the cloud resources. Access controls are part of the Cloud Control Matrix (CCM) domain IAM-01: Identity and Access Management Policy and Procedures, which states that "The organization should have a policy and procedures to manage user identities and access to cloud services and data."
CCAK Study Guide, Chapter 4: A Threat Analysis Methodology for Cloud Using CCM, page 751
In a multi-level supply chain structure where cloud service provider A relies on other sub cloud services, the provider should ensure that any compliance requirements relevant to the provider are:
In a multi-level supply chain structure, the cloud service provider should ensure that any compliance requirements relevant to the provider are passed to the sub cloud service providers, regardless of their geographic location. This is because the sub cloud service providers may have access to or process the data of the provider's customers, and thus may affect the compliance status of the provider. The provider should also monitor and verify the compliance of the sub cloud service providers on a regular basis. This is part of the Cloud Control Matrix (CCM) domain COM-01:Regulatory Frameworks, which states that "The organization should identify and comply with applicable regulatory frameworks, contractual obligations, and industry standards."1 Reference :CCAK Study Guide, Chapter 3: Cloud Compliance Program, page 51
Post your Comments and Discuss ISACA CCAK exam with other Community members:
ccak commented on June 08, 2023 ccak is hard Anonymous upvote
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the CCAK content, but please register or login to continue.