Gap Analysis Report - Mapping of the Association of Banks in Singapore Cloud Computing Implementation Guide 2.0 to Cloud Security Alliance Cloud Controls Matrix v3.0.1
Release Date: 09/14/2020
Working Group: Cloud Controls Matrix
The financial services industry is one of most important and regulated sectors in any market. It is typically bounded by a multitude of regulations that financial institutions (FIs) need to comply with. It is both daunting and challenging, yet a necessary task for conscientious FIs to review these available regulations / guidelines / frameworks / best practices, comply with mandatory regulations, and make decisions about which best practices and recommendations to take heed of, in order to reduce their overall risk exposure and keep up with the industry’s progress. This mammoth task gets exponentially difficult for FIs operating beyond a single country or regulatory space, especially when relevant regulations and frameworks are constantly evolving.
Because of this complex landscape, mapping of frameworks is a useful and popular tool for FIs looking to seek compliance to multiple standards and best practices. In this exercise, the Working Group mapped the Association of Banks in Singapore (ABS) Cloud Computing Implementation Guide (CCIG) 2.0 to CSA’s Cloud Controls Matrix 3.0.1, and summarized the mapping results in the accompanying Gap Analysis Report. Singapore FIs who are already in line with ABS CCIG 2.0 will benefit through being able to easily identify and fulfil additional controls (gaps) on top of the ABS CCIG 2.0 to achieve adherence to other targeted frameworks within CCM, which is useful when expanding to other markets.
CSA is a community driven organization. We would like to send you updates about our ongoing initiatives and opportunities to participate.
Provide feedback on this form