A. Periodic documentation review
Periodic documentation review helps an organization identify control gaps and shortcomings in the context of cloud computing by systematically evaluating existing policies, procedures, and control documentation. This process ensures that all documentation is up-to-date, accurate, and reflective of current practices and regulatory requirements. During these reviews, organizations can identify discrepancies, outdated controls, and areas where additional controls may be needed to address new risks or changes in the cloud environment.
While user security awareness training (B) enhances understanding of security protocols, walk-through peer reviews (C) provide peer insights on processes, and monitoring effectiveness (D) evaluates how well controls are functioning, periodic documentation review specifically focuses on identifying and addressing gaps within the documented control framework.
P# 140 Risk management is an ongoing process. After controls are implemented, it is important to continuously monitor and assess their effectiveness. Gaps and shortcomings may be identified, requiring controls to be modified, removed or added. Moreover, as the organization grows and threats evolve or change, new risk emerges, requiring the selection and implementation of new controls.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CCAK Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Auditor2020
1 month, 2 weeks agosai_murthy
9 months ago