The question I had: Do we as a company get by extension the benefits of cloud companies having all the certificates and good practices when it comes to protecting and keeping data safe. We are working with *** and ***. An example scenario would be an auditor asking my company how we back up data? And our answer is that we back up our data on 2 different servers: *** and *** for example. Would that be OK? Since we are not the ones responsible for the data, but we are offloading this to a much more secure company. Is this something that we can evaluate as low risk and not implement special controls when it comes to protecting this data, since we are getting the benefits of using a cloud provider?