Download Publication
CCM v4.0 Implementation Guidelines
Release Date: 06/03/2024
Working Group: Cloud Controls Matrix
Download this Resource
Acknowledgements
Ankit Sharma
Security Officer, Compute BU at Cisco Systems
Hongtao Hao
Cybersecurity Expert, KPMG
Akshay Bhardwaj
Sr. Security Business Lead at Sprinklr
Akshay Bhardwaj is a cybersecurity professional and evangelist with over 8 years of experience specialising in cloud security, security compliance, DevSecOps, vulnerability management, and OSINT. Currently, he is focused on cloud security and AI security. His entrepreneurial spirit led him to start two service-based businesses in the past. He collaborates with global SMEs on research papers and offers his expertise by getting involved with ...
Michael Roza
Risk, Audit, Control and Compliance Professional at EVC
Since 2012, Michael Roza has been a pivotal member of the Cloud Security Alliance (CSA) family. He has contributed to over 125 projects, as a Lead Author or Author/Contributor and many more as a Reviewer/Editor.
Michael's extensive contributions encompass critical areas including Artificial Intelligence, Zero Trust/Software Defined Perimeter, Internet of Things, Top Threats, Cloud Control Matrix, DevSecOps, and Key Management. His lea...
Vani Murthy
Sr. Information Security Compliance Advisor, Akamai Technologies
Vani has 20+ years of IT experience in the areas such as Security, Risk, Compliance, Cloud services (IaaS/PaaS/SaaS) architecture
Johan Olivier
Security and Compliance Director
I am a Security and Compliance Director at QorusDocs where I am responsible for the company-wide information security posture and SOC 2 Type 2 compliance.
My career in the compliance space is backed by 20 years’ experience as a Software Solutions Architect and 2.5 years in an executive leadership position as SVP of Engineering.
Having worked in seven countries across four continents I have developed a special interest in behav...
Geoff Bird
Chief Information Security Officer
Ashish Vashishtha
Security Compliance Leader
Analytical, results-oriented IS/IT Audit, Governance, Risk, and Compliance (GRC) leader over 19 years of experience managing enterprise-wide IT/IS security risk approach for large healthcare and IT services organizations. Passionate design thinker with an ability to harness innovation by facilitating collaboration to develop enterprise-wide security risk assessments (onsite as well as remote) for high-risk Third-Parties leveraging NIST 800-...
Erik Johnson
Cloud Security Specialist & Senior Research Analyst, CSA
Worked for the Federal Reserve for many years and volunteered with the CSA with a focus on CCM/CAIQ V4, specifically the STA domain, and developing a comprehensive framework and guidance for defining and managing the cloud shared security responsibility model (SSRM).
I recently retired from the Federal Reserve and am now consulting with the CSA as a Senior Research Analyst with a focus on Zero Trust and Financial Services.
Linke...
Agnidipta Sarkar
Group CISO, Biocon
Agnidipta Sarkar has been evangelizing Cybersecurity, Privacy, Business Continuity, Digital Resilience, and Standardization through speaking at industry forums like Gartner, IDC, EC-Council, ISMG, BCI Global, CORE Resilience, etc. and through his contributions to standards bodies like the ISO, Cloud Security Alliance, and the Business Continuity Institute. He is a member of ISO panels for security & privacy, continuity & resilience, and ris...
Bala Krishnan
Sr. GRC SpecialistSr. GRC Specialist
Senior level CyberSecurity/Governance Risk and Compliance (GRC) Specialist with a Big4 background and 15 years’ experience (and several certifications) in the areas of Risk and Compliance Management, including Privacy and 3rd party risk management.
Interested in helping develop research with CSA?
Related Certificates & Training
Learn more