A. Incident management and response policies and procedures
When performing audits related to the organizational incident management process, it is essential to request the cloud service provider's incident management and response policies and procedures. These documents provide detailed information on how the provider identifies, manages, and responds to incidents, which is crucial for understanding their preparedness and effectiveness in handling security breaches or disruptions. By reviewing these policies and procedures, the auditor can assess whether the provider has appropriate measures in place to detect, respond to, and recover from incidents, and whether these measures align with the organization's requirements and expectations.
CCAK P#334 Incident Response, Notification and Remediation:
• Provide the service provider’s incident management and response policy and procedures.
• Provide the organization’s incident monitoring procedure, which should include both internal and service provider incidents.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CCAK Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Auditor2020
1Â month, 2Â weeks agosai_murthy
9Â months ago