Certificate of Cloud Security Knowledge (CCSK) — Question 8

Which governance domain deals with evaluating how cloud computing affects compliance with internal security policies and various legal requirements, such as regulatory and legislative?

Answer options

• A. Legal Issues: Contracts and Electronic Discovery
• B. Infrastructure Security
• C. Compliance and Audit Management
• D. Information Governance
• E. Governance and Enterprise Risk Management

Correct answer: C

Explanation

The correct answer, C, Compliance and Audit Management, specifically addresses the evaluation of cloud computing's impact on compliance with security policies and legal requirements. The other options, while related to governance, do not focus directly on compliance and audit aspects in the context of cloud computing.