From Security Guidance v4. Section 3.1.2.5:
It is critical for a provider to publish, and a customer to evaluate, the scope of the assessment, and which features and services are included in the assessment.
For third-party audits or attestations, it is critical for providers to publish and customers to evaluate:
A. Scope of the assessment and the exact included features and services for the assessment.
When it comes to third-party audits or attestations, the scope of the assessment is of utmost importance. Providers should clearly publish the scope of the assessment, specifying the exact features, services, and components included in the assessment. This helps customers understand which aspects of the provider's offering have been evaluated for security, compliance, or other relevant factors.
By evaluating the scope, customers can assess if the assessed components align with their specific requirements, regulatory obligations, or industry standards. It provides transparency and allows customers to make informed decisions regarding the security and compliance of the provider's offerings.
This section is not available anymore. Please use the main Exam Page.CCSK Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
beazzlebub
Highly Voted 1 year, 6 months agonegevon
Most Recent 8 months agoBrainiac
10 months, 2 weeks agoSKUNK1
1 year, 2 months agoA_Nevermind
1 year, 4 months agocjkuga
1 year, 5 months ago