What is CSA Cloud Controls Matrix (CCM)

The Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing aligned to the CSA best practices, that is considered the de-facto standard for cloud security and privacy. The accompanying questionnaire, CAIQ, provides a set of “yes or no” questions based on the security controls in the CCM.

You can now download the CCM and CAIQ together.

These 2 files consist of all required documentation.

  • CCM v4
  • Mappings
  • CAIQ v4
  • STAR Level 1: Security Questionnaire (CAIQ v4)
  • Implementation Guidelines
  • Auditing Guidelines

Mappings enable you to connect the dots if you are already Compliant with other major Compliance standards.

  • ISO/IEC 27001/27002/27017/27018
  • CCM V3.0.1
  • AICPA TSC
  • CIS Controls V8
  • NIST 800-53r5
  • PCI DSSv3.2.1

[source: cloudsecurityalliance.org]

Please follow and like us:

Author: Chathura Ariyadasa

♚Father ♚Innovative Technical Architect ♚ Cyber Security Strategist ♞ vCISO | vCIO ♞ Blogger & an Adrenaline junkie...