A multinational payment processor has migrated its transaction-processing application to a public IaaS provider. Local financial regulations require the company to document and prove that customer card data is handled in accordance with statutory security controls. Which of the following actions will most directly help the company demonstrate ongoing compliance with these requirements?
Enable automated horizontal scaling policies for the application servers
Adopt a recognized data-governance framework and schedule periodic external audits
Run all workloads inside containerized runtime environments with namespace isolation
Create isolated private network segments for each transaction tier
Implementing a formally recognized data-governance or security framework-such as PCI DSS or ISO/IEC 27001-and undergoing regular independent audits provides documented evidence that mandated security controls are in place and operating effectively. Network segmentation and container isolation can reduce risk but do not, by themselves, satisfy auditors. Autoscaling improves availability and performance but is unrelated to demonstrating regulatory compliance.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are data governance standards?
Open an interactive chat with Bash
Why are audits important in data governance?
Open an interactive chat with Bash
How do local data security rules affect cloud platforms?