An organization with high availability resource requirements is selecting a provider for cloud computing.
Which of the following would cause the GREATEST concern to an IS auditor? The provider:
Click on the arrows to vote for the correct answer
A. B. C. D.C.
As an IS auditor, the greatest concern among the given options would be option D, which states that the cloud provider hosts systems for the organization's competitor. This concern is primarily related to the security of the organization's data and the risk of data leakage or unauthorized access.
Hosting systems for a competitor means that the cloud provider is also working with a potentially conflicting organization that may have competing interests. This relationship could potentially result in a conflict of interest, where the provider may have to make decisions that favor one organization over the other. This could result in a compromise of the organization's data security and confidentiality.
Furthermore, the cloud provider may not be able to guarantee the isolation and segregation of the organization's data from that of the competitor's data. This situation could lead to unauthorized access or leakage of the organization's data to the competitor.
Option A states that the provider is not internationally certified for high availability. While this could be a concern, it is not as significant as the risk of data leakage and unauthorized access.
Option B states that the provider does not store backup media offsite. This could also be a concern, but it does not pose as great a risk as the potential compromise of data security resulting from the provider's relationship with a competitor.
Option C states that the provider deploys patches automatically without testing. While this could potentially result in system downtime or other issues, it is not as significant a concern as the risk of data leakage and unauthorized access resulting from the provider's relationship with a competitor.