An organization has an ISMS implemented, following ISO 27001 and Annex A controls. The CIO would like to migrate some of the infrastructure to the cloud. Which of the following standards would BEST assist in identifying controls to consider for this migration?

• A.ISO/IEC 27701
• B.ISO/IEC 22301
• C.ISO/IEC 27002
• D.ISO/IEC 27017

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST recommendation to offer an organization's HR department planning to adopt a new public SaaS application to ease the recruiting process?

• A.Ensure HIPAA compliance
• B.Implement a cloud access security broker
• C.Do not allow data to be in cleratext
• D.Consult the legal department

Comment: *

Name: *

Email: *

Verification: *

CCM: In the CCM tool, ais a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.

• A.Domain
• B.Control Specification
• C.Risk Impact

Comment: *

Name: *

Email: *

Verification: *

When reviewing a third-party agreement with a cloud service provider, which of the following should be the GREATEST concern regarding customer data privacy?

• A.Network intrusion detection
• B.Data retention, backup, and recovery
• C.Patch management process
• D.Return or destruction of information

Comment: *

Name: *

Email: *

Verification: *

In which control should a cloud service provider, upon request, inform customers of compliance impact and risk, especially if customer data is used as part of the services?

• A.Service Provider control
• B.Data Inventory control
• C.Impact and Risk control
• D.Compliance control

Comment: *

Name: *

Email: *

Verification: *