CRISC Certified in Risk and Information Systems Control – Question508

Which of the following is MOST helpful to ensure effective security controls for a cloud service provider?

A.
Internal audit reports from the vendor
B. A control self-assessment
C. A third-party security assessment report
D. Service level agreement monitoring

Correct Answer: C