Which of the following What should be the BEST recommendation to reduce the provider’s burden?

CCAK V1 0 Comments

An auditor identifies that a cloud service provider received multiple customer inquiries and requests for proposal (RFPs) during the last month.

Which of the following What should be the BEST recommendation to reduce the provider’s burden?
A . The provider can answer each customer individually.
B . The provider can direct all customer inquiries to the information in the CSA STAR registry.
C . The provider can schedule a call with each customer.
D . The provider can share all security reports with customers to streamline the process

Answer: B

Explanation:

The CSA STAR registry is a publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings. The registry is based on the Cloud Controls Matrix (CCM), which is a framework of cloud-specific security best practices, and the GDPR Code of Conduct, which is a set of privacy principles for cloud service providers. The registry allows cloud customers to assess the security and compliance posture of cloud service providers, as well as to compare different providers based on their level of assurance. The registry also reduces the complexity and cost of filling out multiple customer questionnaires and requests for proposal (RFPs). Therefore, the best recommendation to reduce the provider’s burden is to direct all customer inquiries to the information in the CSA STAR registry, which can demonstrate the provider’s transparency, trustworthiness, and adherence to industry standards. The provider can also encourage customers to use the Consensus Assessments Initiative Questionnaire (CAIQ), which is a standardized set of questions based on the CCM, to evaluate the provider’s security controls. Alternatively, the provider can pursue higher levels of assurance, such as third-party audits or continuous monitoring, to further validate their security and privacy practices and increase customer confidence.

Reference: STAR Registry | CSA

STAR | CSA

CSA Security Trust Assurance and Risk (STAR) Registry Reaches Notable … Why CSA STAR Is Important for Cloud Service Providers – A-LIGN

Latest CCAK Dumps Valid Version with 76 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CCAK PDF     CCAK Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments