Certificate of Cloud Auditing Knowledge (CCAK) — Question 134

As part of continuous auditing, which of the following should a third-party auditor verify on a regular basis?

Answer options

• A. Reporting tools are reliable and based on defined objectives.
• B. The cloud service provider is compliant.
• C. Assessment tools are configured based on cloud security best practices.
• D. Application programming interfaces (APIs) implemented are appropriate.

Correct answer: A

Explanation

The correct answer is A, as verifying that reporting tools are reliable and aligned with defined objectives is essential for accurate auditing. Options B, C, and D, while important, pertain to compliance and configuration rather than the reliability of reporting tools, which is a specific focus of continuous auditing.