They're asking for evidence that your admin accounts are reviewed for permissions needed each quarter, that you are doing your DR tests, that you are following documented change management processes, etc, not asking to look at what your running containers are doing.
There is absolutely no way that any compliance audit I can think of would or would even attempt to uncover that kind of info.
They're asking for evidence that your admin accounts are reviewed for permissions needed each quarter, that you are doing your DR tests, that you are following documented change management processes, etc, not asking to look at what your running containers are doing.
There is absolutely no way that any compliance audit I can think of would or would even attempt to uncover that kind of info.