Certificate of Cloud Auditing Knowledge (CCAK) — Question 267

To identify key actors and requirements, which of the following MUST be considered when designing a cloud compliance program?

Answer options

• A. Cloud service provider, internal and external audit perspectives
• B. Business/organizational, governance, cloud and risk perspectives
• C. Enterprise risk management, data protection, privacy and legal perspectives
• D. Key stakeholders, enterprise risk management, and Internal audit perspectives

Correct answer: B

Explanation

Option B is correct because it encompasses a comprehensive view of the business, governance, and risk considerations necessary for cloud compliance. The other options, while relevant, do not cover the same breadth of necessary perspectives that are crucial for a cloud compliance program.