An organization is migrating its services to a cloud environment and wants to document the specific security responsibilities of both the cloud provider and themselves, such as who manages data encryption and who handles infrastructure security. Which of the following would BEST help them define and document this division of responsibilities?
Create a responsibility matrix
Develop an Acceptable Use Policy
Establish a Business Continuity Plan
Review the Service Level Agreement