Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Csa Discussions

Exam CCSK topic 1 question 22 discussion

Actual exam question from CSA's CCSK
Question #: 22
Topic #: 1
[All CCSK Questions]

Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?

  • A. Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency.
  • B. Respect the interdependency of the risks inherent in the cloud supply chain and communicate the corporate risk posture and readiness to consumers and dependent parties.
  • C. Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment.
  • D. Provide transparency to stakeholders and shareholders demonstrating fiscal solvency and organizational transparency.
  • E. Both B and C.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Brainiac at May 24, 2023, 1:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
shiqna
3 months, 2 weeks ago
Selected Answer: E
The answer is E as both B and C are correct. Regarding B; we do not have to 'Respect' the interdependencies but can also evaluate to mitigate the risk as well. It is based on a risk assessment whether to 'respect' them which is equivalent to accepting them and do nothing or to identify mitigating controls and reduce the risk exposure. The resultant residual risk and health of mitigating controls can be reported to the management.
upvoted 1 times
...
Brainiac
11 months, 1 week ago
The statement that is NOT a requirement of governance and enterprise risk management in a cloud environment is: C. Negotiate long-term contracts with companies who use well-vetted software application to avoid the transient nature of the cloud environment. While negotiating long-term contracts and using well-vetted software applications can be strategies organizations employ in a cloud environment, it is not specifically a requirement of governance and enterprise risk management. The other statements mentioned, A, B, and D, align with the requirements of governance and enterprise risk management in a cloud environment, which involve inspecting and accounting for risks, respecting interdependencies, communicating risk posture, and providing transparency to stakeholders.
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel