1
Q
ISO27002
A
Security controls framework
2
Q
27017/18
A
Cloud management framework
3
Q
ISO 27701
A
Personal Data and privacy
4
Q
ISO 31000
A
Best for overall risk management assessment not just security
5
Q
ISO 21000
A
Cyber security framework
6
Q
SOC 2
CIAP
A
Service organisational controls - Evaluates internal controls for storing customer data
Confidentiality,
Integrity,
Availability,
Privacy
7
Q
SSAE
A
Statement of standards for attestation - is a certified audit to ensure consumers that cloud providers are meeting professional standards
8
Q
SOC2 Type 1
A
Assess the design and implementation
9
Q
SOC2 Type 2
A
Assess the effectiveness of the design between 6 - 12 months
10
Q
SOC 3
A
Is a high level certification to clarify compliance with SOC2
CompTia Security
flashcards
Decks in class (6)
# Cards
