Certificate of Cloud Auditing Knowledge (CCAK) — Question 223

In a situation where duties related to cloud risk management and control are split between an organization and its cloud service providers, which of the following would BEST help to ensure a coordinated approach to risk and control processes?

Answer options

• A. Establishing a joint security operations center
• B. Automating reporting of risk and control compliance
• C. Co-locating compliance management specialists
• D. Maintaining a centralized risk and controls dashboard

Correct answer: A

Explanation

Establishing a joint security operations center allows both the organization and the cloud service provider to collaborate closely on risk management and control strategies, promoting effective communication and coordination. The other options, while beneficial, do not facilitate the same level of direct collaboration and joint response as a dedicated operations center.