CSA Releases CCM v3.0 Info Sheet for Updates on New Controls, Domains
In conjunction with its release of the Cloud Controls Matrix, v3.0, the Cloud Security Alliance has published a CCM Info Sheet that describes the CCM, changes in v3.0, and the alignment of the CCM to the "Security Guidance for Critical Areas of Focus in Cloud Computing, v3.0" and the Open Controls Framework (OCF). The latest version includes the addition of three new domains, "Mobile Security,” “Supply Change Management, Transparency and Accountability,” and “Interoperability & Portability.” Several existing domains have been overhauled to improve clarity, intent, and control overlap. For over a year, more than 200 reviewers have reworked the 136 controls to be auditable. Existing information has been strengthened by delineating control guidance by service provider and consumer, and by differentiating according to cloud model type and environment. The CCM provides a controls framework in 16 domains that are cross-walked to other industry-accepted security standards, regulations, and controls frameworks to reduce audit complexity. Learn more about the CCM v3.0 by downloading the Info Sheet.
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.
For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.