Certificate of Cloud Auditing Knowledge (CCAK) — Question 251

Which of the following is the BEST control framework for a European manufacturing corporation that is migrating to the cloud?

Answer options

• A. NIST SP 800-53
• B. CSA’s GDPR CoC
• C. PCI-DSS
• D. EU GDPR

Correct answer: D

Explanation

The EU GDPR is the most suitable control framework for a European corporation due to its focus on data protection and privacy within the EU. While NIST SP 800-53 and PCI-DSS are important frameworks, they do not specifically address the EU’s regulations regarding data handling as effectively as the EU GDPR does. CSA’s GDPR CoC is also relevant but does not carry the same legal weight as the EU GDPR.