During a third-party risk assessment of potential cloud service providers, what topic should be emphasized in the questionnaire to ascertain the provider’s ability to maintain the confidentiality and integrity of your organization’s data?
Techniques and protocols for data encryption in transit and at rest
Disaster recovery time objectives for service continuity
Percentage of the provider’s IT budget allocated to research and development
Yearly employee turnover rates within the provider’s IT department
|Security Program Management and Oversight
|Threats, Vulnerabilities, and Mitigations
|General Security Concepts