BA08 Audit And Certification Issues
| Context | Compliance manager works with cloud application |
| Problem | Audit and certification of cloud applications and infrastructure are inaccessible or restricted |
| Solution | |
| References | V.25: Audit or certification not available to customers [ENISA]; V.26: Certification schemes not adapted to cloud infrastructures [ENISA]; Log Unalterability, Type of incident notification, Audit Record Generation Frequency [Casola]; |
| Type | ns:type_ThreatPattern |
| Victim | su:comp_CloudApplication |
| Aggressor | su:comp_ComplianceManager |
| Aggr. role | ns:role_Client |
| STRIDE | |
| Threat | ns:threat_txRepudiation; ns:threat_txTrackErasing |