🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional15 / 129
Question 15 of 129
A SaaS provider's enterprise customers increasingly demand independent assurance that the provider's controls over customer data are designed and operating effectively over a period of time. The provider's internal audit team already performs quarterly control reviews, but customers state that internal reports are insufficient for their own vendor risk programs. Which assessment approach BEST satisfies the customers' requirement?
Reviewed for accuracy · Report an issueNext question