CCM Video Series: STA - Supply Chain Mgmt, Transparency, & Accountability
Release Date: 11/02/2024
In this presentation we explore the Supply Chain Management, Transparency, and Accountability (STA) domain, which includes fourteen control specifications designed to help Cloud Service Providers (CSPs) and Cloud Service Customers (CSCs) manage supply chain risks and ensure security across the entire technology stack. These controls support the protection of confidentiality, integrity, and availability of information, applications, and services while ensuring regulatory compliance throughout the supply chain.
Under the Shared Security Responsibility Model (SSRM), CSPs are responsible for securing and managing their own supply chain and maintaining operational transparency. CSCs need to assess the risks associated with their chosen CSPs and supply chain vendors, ensuring that their security requirements are met.
Effective collaboration in implementing STA controls fosters transparency and accountability between CSPs and CSCs, leading to a more secure and resilient supply chain. For CSCs, this collaboration ensures that their specific security needs and concerns regarding the supply chain are adequately addressed.
Related Certificates & Training

Learn the core concepts, best practices, and recommendations for securing an organization on the cloud regardless of the provider or platform. Covering all 14 domains from the CSA Security Guidance v4, recommendations from ENISA, and the Cloud Controls Matrix, you will come away understanding how to leverage information from CSA's vendor-neutral research to keep data secure on the cloud.