Certificate of Cloud Auditing Knowledge (CCAK) — Question 158

Which of the following is a cloud-specific security standard?

Answer options

• A. ISO27017
• B. ISO27701
• C. ISO22301
• D. ISO14001

Correct answer: A

Explanation

ISO27017 is a standard that provides guidelines for information security controls applicable to the provision and use of cloud services, making it cloud-specific. The other standards, while significant in their respective fields, do not focus specifically on cloud security: ISO27701 pertains to privacy information management, ISO22301 is about business continuity, and ISO14001 relates to environmental management.