Exam CCAK topic 1 question 93 discussion

The answer to the question is D. The best way to deliver continuous compliance in a cloud environment is to combine point-in-time assurance approaches with continuous auditing. This information can be found on page 319 of the Certificate of Cloud Auditing Knowledge Study Guide. "None of the static approaches to compliance can give assurance of what could happen one day after the audit is finalized... depending on the level of assurance the cloud customer requests, a different approach might be required, based on continuous auditing." This implies that combining point-in-time assurance approaches with continuous auditing would provide the best way to deliver continuous compliance in a cloud environment.

The BEST way to deliver continuous compliance in a cloud environment is: **B. combine point-in-time assurance approaches with continuous monitoring.** Combining point-in-time assurance approaches with continuous monitoring is the most effective method for ensuring ongoing compliance in a dynamic cloud environment. Point-in-time assurance provides a snapshot of compliance at a specific moment, while continuous monitoring enables real-time oversight of compliance status and can quickly identify any deviations or issues as they occur. This combination allows an organization to maintain a proactive stance, addressing compliance requirements dynamically and adjusting to changes in the cloud environment. It is more efficient than simply increasing the frequency of audits or attestations, which might not capture ongoing changes and risks effectively.

D. combine point-in-time assurance approaches with continuous auditing.