Cloud Controls Matrix v3.0.1 (10-6-16 Update)
Cloud Security Alliance Releases Candidate Mapping of ISO 27002/27017/27018 Security Controls
At the Cloud Security Alliance Summit San Francisco 2016, the CSA announced the release of the Candidate Mappings of ISO 27002/27017/27018 to version 3.0.1 of the CSA Cloud Controls Matrix (CCM).
The ISO 27XXX series provides an overview of information security management systems. ISO 27002 provides further security techniques on controls based in ISO 27001. ISO 27017 adds this security code of conduct to the procurement of cloud services. Finally, ISO 27018 is the first international standard delivering security techniques on the privacy and protection of PII (Personally Identifiable Information).
Additional updates to control language, Cloud Service Delivery Model Applicability, and Supplier Relationship have been logged.
October 6 updates include updates to align for consistency with CAIQ
Release Date: 06/06/2016