Isaca CCAK - Certificate of Cloud Auditing Knowledge
The MAIN difference between the Cloud Controls Matrix (CCM) and the Consensus Assessment Initiative Questionnaire (CAIQ) is that:
The FINAL decision to include a material finding in a cloud audit report should be made by the:
An organization currently following the ISO/IEC 27002 control framework has been charged by a new CIO to switch to the NIST 800-53 control framework. Which of the following is the FIRST step to this change?
What is the FIRST thing to define when an organization is moving to the cloud?
Supply chain agreements between a cloud service provider and cloud customers should, at a minimum, include:
Supply chain agreements between a cloud service provider and cloud customers should, at a minimum, include:
Which of the following key stakeholders should be identified FIRST when an organization is designing a cloud compliance program?
Which of the following is the MOST important strategy and governance documents to provide to the auditor prior to a cloud service provider review?
Which of the following MOST enhances the internal stakeholder decision-making process for the remediation of risks identified from an organization's cloud compliance program?
Which of the following aspects of risk management involves identifying the potential reputational and financial harm when an incident occurs?