Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Get 50% off the Cloud Infrastructure Security training bundle with code 'unlock50advantage'

Download Publication

Home
Publications
CCM v3.0.1 Addendum - BSI Germany C5 v1
CCM v3.0.1 Addendum - BSI Germany C5 v1

CCM v3.0.1 Addendum - BSI Germany C5 v1

Release Date: 01/18/2019

Working Group: Cloud Controls Matrix

This document is an addendum to the Cloud Controls Matrix
(CCM) V3.0.1 controls. It contains the additional controls that serves to
bridge the gap between CCM and the German Federal Office for Information
Security (BSI) Compliance Controls Catalogue (C5).
Download this Resource

Prefer to access this resource without an account? Download it now.

Bookmark
Share
Related resources

Related Resources

PublicationsBlogs
NIST CSF v2 Cloud Community Profile - Based on CCM v4
NIST CSF v2 Cloud Community Profile - Based on ...
Download Now
Informative Reference Details for the Mapping of CCM v4 to NIST CSF v2
Informative Reference Details for the Mapping o...
Download Now
CCM-Lite and CAIQ-Lite
CCM-Lite and CAIQ-Lite
Download Now
View all publications
Modern Day Vendor Security Compliance Begins with the STAR Registry
Modern Day Vendor Security Compliance Begins with the STAR Registry
Published: 12/20/2024
Top Threat #6 - Code Confusion: The Quest for Secure Software Development
Top Threat #6 - Code Confusion: The Quest for Secure Software Devel...
Published: 12/02/2024
CSA Community Spotlight: Creating Globally-Recognized Cybersecurity Assessments with Willy Fabritius
CSA Community Spotlight: Creating Globally-Recognized Cybersecurity...
Published: 11/27/2024
CSA Community Spotlight: Addressing Emerging Security Challenges with CISO Pete Chronis
CSA Community Spotlight: Addressing Emerging Security Challenges wi...
Published: 11/18/2024
View all blogs
View all webinars

Acknowledgements

Michael Roza
Michael Roza
Risk, Audit, Control and Compliance Professional at EVC

Michael Roza

Risk, Audit, Control and Compliance Professional at EVC

Since 2012, Michael Roza has been a pivotal member of the Cloud Security Alliance (CSA) family. He has contributed to over 125 projects, as a Lead Author or Author/Contributor and many more as a Reviewer/Editor.

Michael's extensive contributions encompass critical areas including Artificial Intelligence, Zero Trust/Software Defined Perimeter, Internet of Things, Top Threats, Cloud Control Matrix, DevSecOps, and Key Management. His lea...

Read more

Victor Chin Headshot Missing
Victor Chin

Victor Chin

Daniele Catteddu
Daniele Catteddu
Chief Technology Officer, CSA

Daniele Catteddu

Chief Technology Officer, CSA

Daniele Catteddu is an information security and risk management practitioner, technologies expert and privacy evangelist with over 15 of experience. He worked in several senior roles both in the private and public sector. He is member of various national and international security expert groups and committees on cyber-security and privacy, keynote speaker at several conferences and author of numerous studies and papers on risk management, ...

Read more

Angela Dogan
Angela Dogan
Director, Vendor Risk Management and Compliance Services, Lynx Technology Partners

Angela Dogan

Director, Vendor Risk Management and Compliance Services, Lynx Technology Partners

Angela Dogan is the Director, Vendor Risk Management and Compliance Services for Lynx Technology Partners. Previously, she served as Senior Project Manager for the Santa Fe Group and Vendor Auditor for Resurgent Capital Services.

With 15 years in the financial services industry, she is well-versed in standardized control frameworks such as those created by the Shared Assessments Program and Cloud Security Alliance, where she is a memb...

Read more

Reid Leake Headshot Missing
Reid Leake

Reid Leake

Keith Stocks Headshot Missing
Keith Stocks

Keith Stocks

Timo Alexander Grof Headshot Missing
Timo Alexander Grof

Timo Alexander Grof

Noel Haskins-Hafer Headshot Missing
Noel Haskins-Hafer

Noel Haskins-Hafer

Kris Seeburn Headshot Missing
Kris Seeburn

Kris Seeburn

Amita Radhakrishnan Headshot Missing
Amita Radhakrishnan

Amita Radhakrishnan

Dibya Ranjan Nath Headshot Missing
Dibya Ranjan Nath

Dibya Ranjan Nath

Hardeep Mehrotara Headshot Missing
Hardeep Mehrotara

Hardeep Mehrotara

Jevon Wooden Headshot Missing
Jevon Wooden

Jevon Wooden

Leena Singal Headshot Missing
Leena Singal

Leena Singal

Loredana Mancini Headshot Missing
Loredana Mancini

Loredana Mancini

Manjunath A.T. Headshot Missing
Manjunath A.T.

Manjunath A.T.

Subrata Baguli Headshot Missing
Subrata Baguli

Subrata Baguli

Umar Khan Headshot Missing
Umar Khan

Umar Khan

Vamsi Kaipa Headshot Missing
Vamsi Kaipa

Vamsi Kaipa

Coral Brockman Headshot Missing
Coral Brockman

Coral Brockman

William Keogh
William Keogh
Membership Experience Advisor, CSA

William Keogh

Membership Experience Advisor, CSA

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Join this Working Group
View all Working Groups

Related Certificates & Training