Certificate of Cloud Auditing Knowledge (CCAK) — Question 181

An auditor identifies that a CSP received multiple customer inquiries and RFPs during the last month. Which of the following should be the BEST recommendation to reduce the CSP burden?

Answer options

• A. CSP can share all security reports with customers to streamline the process.
• B. CSP can schedule a call with each customer.
• C. CSP can answer each customer individually.
• D. CSP can direct all customers’ inquiries to the information in the CSA STAR registry.

Correct answer: D

Explanation

The best recommendation is to direct inquiries to the CSA STAR registry, as it provides comprehensive information and can address multiple questions at once, reducing the CSP's workload. Sharing security reports (option A) may not cover all inquiries, scheduling calls (option B) is time-consuming, and answering individually (option C) is inefficient.