Certificate of Cloud Auditing Knowledge (CCAK) — Question 15
While performing the audit, the auditor found that an object storage bucket containing PII could be accessed by anyone on the Internet. Given this discovery, what should be the most appropriate action for the auditor to perform?
Answer options
- A. Highlighting the gap to the audit sponsor at the sponsor’s earliest possible availability
- B. Asking the organization’s cloud administrator to immediately close the gap by updating the configuration settings and making the object storage bucket private and hence inaccessible from the Internet
- C. Documenting the finding in the audit report and sharing the gap with the relevant stakeholders
- D. Informing the organization’s internal audit manager immediately about the gap
Correct answer: B
Explanation
The correct action is B because it directly addresses the immediate risk by ensuring the object storage bucket is made private, thereby protecting the PII. Option A delays action by waiting for the sponsor’s availability, option C documents the issue without immediate remediation, and option D informs management but does not resolve the access vulnerability right away.