When should risk be evaluated as part of the governance process?
A . After the strategy phase of the lifecycle
B . Before deploying applications in the cloud
C . During user acceptance testing
D . During the initial planning stage
Answer: B.
Explanation:
Page 216 Manual.
must also be evaluated. Security should be evaluated from the perspective that the external cloud provider must demonstrate security equal to or better than the internal IT organization. Risk should be evaluated and mitigated as part of the governance process before deploying applications or services in the cloud.