Certificate of Cloud Auditing Knowledge (CCAK) — Question 107

From a systems development life cycle perspective, where a Software as a Service (SaaS) provider follows a DevOps approach, it is MOST beneficial for continuous auditing controls to be:

Answer options

• A. designed natively into the software.
• B. subjected to independent review.
• C. integrated with external tools.
• D. evaluated with high frequency.

Correct answer: A

Explanation

The correct answer is A because having continuous auditing controls designed natively into the software ensures they are an integral part of the development process, allowing for real-time monitoring and compliance. The other options, while potentially useful, do not provide the same level of integration and immediacy as native design does.