🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional63 / 124
Question 63 of 124

A financial services company is negotiating with a cloud IaaS provider and wants third-party assurance that the provider has implemented cloud-specific security controls beyond the generic information security controls found in ISO/IEC 27002. The procurement team asks the security architect which certification or standard specifically extends the baseline controls with cloud-oriented implementation guidance and additional controls for both providers and customers. Which standard best meets this requirement?

Reviewed for accuracy · Report an issueNext question