Which of the following will BEST provide an organization with ongoing assurance of the information security services provided by a cloud provider?
A. Continuous monitoring of an information security risk profile
B. Evaluating the provider’s security incident response plan
C. Requiring periodic self-assessment by the provider
D. Ensuring the provider’s roles and responsibilities are established
A. Continuous monitoring of an information security risk profile
B. Evaluating the provider’s security incident response plan
C. Requiring periodic self-assessment by the provider
D. Ensuring the provider’s roles and responsibilities are established