Related InterviewSolutions

• Currently, I am leading the Information Security department in my organization and have to directly report to the CEO. They are planning for cloud migration then prior to going live requested my unit to perform Vulnerability Assessment (VA). What are the recommended steps to go through?
• My organization already implemented Enterprise Governance and IT Governance. Now after adopting Cloud for a few months, the Management and Executives turn their heads into Cloud Governance. Drawing the line further, they’d like to assure all the cloud computing resources are effectively and efficiently operated while also in-line with their business goals.
• We have implemented Cloud for a little while. My internal audit function in the organization have their own methodology and procedure, however, they are keen to know in general how to conduct such audit engagement for cloud computing?
• We have implemented a cloud for a little while. My internal audit function in the organization have our own methodology and procedure, however, they are wondering if there is any reference or guidance to validate the controls, align the audit objectives with our business objectives?
• Aside from cloud adoption, what about the cloud security framework I should carefully weigh up to define policies and procedures for implementing and managing controls as well as in the end meet the business objectives?
• The company I am working for is at the point that they agree to adopt cloud computing, however yet to identify and select the provider. What are the international frameworks we could derive the benefits from so the adoption getting higher chance to successfully go through?
• What are common features that Cloud Management tool has, to simplify the complexity of managing my cloud environment?
• As the end-user, what is the simplest way to manage the cloud service my organization subscribe to?
• If my data is stored in the cloud provider server and the device reside in another country, not in my home country, then which laws and regulations are applicable?
• Wearing the hat as IT and Information Security Lead in a privately-owned organization, what are the recommended vendor-neutral accreditations that served as the industry’s primary benchmark for measuring cloud security skill sets?