Building on that, in your audit you found that two of the three departments lacked funds to implement their cybersecurity management plans.
When departments didn't have sufficient funding for cloud adoption, what aspects of the adoption were typically dropped?