CCM v4.0 Implementation Guidelines
Release Date: 09/13/2021
Working Group: Cloud Controls Matrix Working Group
Download this Resource
Sr. Information Security Compliance Advisor, Akamai Technologies
Vani has 20+ years of IT experience in the areas such as Security, Risk, Compliance, Cloud services (IaaS/PaaS/SaaS) architecture
Security and Compliance Director
I am a Security and Compliance Director at QorusDocs where I am responsible for the company-wide information security posture and SOC 2 Type 2 compliance.
My career in the compliance space is backed by 20 years’ experience as a Software Solutions Architect and 2.5 years in an executive leadership position as SVP of Engineering.
Having worked in seven countries across four continents I have developed a special interest in behav...
Chief Information Security Officer
This person does not have a biography listed with CSA.
Security Compliance Leader
Analytical, results-oriented IS/IT Audit, Governance, Risk, and Compliance (GRC) leader over 19 years of experience managing enterprise-wide IT/IS security risk approach for large healthcare and IT services organizations. Passionate design thinker with an ability to harness innovation by facilitating collaboration to develop enterprise-wide security risk assessments (onsite as well as remote) for high-risk Third-Parties leveraging NIST 800-...
Cloud Security Specialist & Senior Research Analyst
Worked for the Federal Reserve for many years and volunteered with the CSA with a focus on CCM/CAIQ V4, specifically the STA domain, and developing a comprehensive framework and guidance for defining and managing the cloud shared security responsibility model (SSRM).
I recently retired from the Federal Reserve and am now consulting with the CSA as a Senior Research Analyst with a focus on Zero Trust and Financial Services.
Head of Risk, Audit, Control and Compliance
Since 2012 Michael has contributed to over 100 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud K...
Group CISO, Biocon
Agnidipta Sarkar has been evangelizing Cybersecurity, Privacy, Business Continuity, Digital Resilience, and Standardization through speaking at industry forums like Gartner, IDC, EC-Council, ISMG, BCI Global, CORE Resilience, etc. and through his contributions to standards bodies like the ISO, Cloud Security Alliance, and the Business Continuity Institute. He is a member of ISO panels for security & privacy, continuity & resilience, and ris...
Sr. GRC SpecialistSr. GRC Specialist
Senior level CyberSecurity/Governance Risk and Compliance (GRC) Specialist with a Big4 background and 15 years’ experience (and several certifications) in the areas of Risk and Compliance Management, including Privacy and 3rd party risk management.