Exam CCSK topic 1 question 18 discussion

The governance domain that deals with evaluating how cloud computing affects compliance with internal security policies and various legal requirements, such as regulatory and legislative, is: C. Compliance and Audit Management Compliance and Audit Management is responsible for ensuring that an organization's cloud computing practices adhere to internal security policies as well as legal and regulatory requirements. This governance domain involves assessing and evaluating the impact of cloud computing on compliance, managing audits and certifications, and implementing controls to address any compliance gaps or risks. It focuses on aligning cloud operations with applicable laws, regulations, industry standards, and contractual obligations to maintain a secure and compliant cloud environment.

Compliance and Audit Management. Maintaining and proving compliance when using cloud computing. Issues dealing with evaluating how cloud computing affects compliance with internal security policies, as well as various compliance requirements (regulatory, legislative, and otherwise) are discussed here. This domain includes some direction on proving compliance during an audit