Publication Peer Review

Cloud Controls Matrix v4
Cloud Controls Matrix v4

Cloud Controls Matrix v4

The Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing aligned to the CSA Best Practices, that is considered the de-facto standard for cloud security and privacy. CSA released today the early draft of the version 4 of the standard. The CCM v.4 constitutes a significant upgrade to the previous version (v3.0.1) by introducing changes in structure of the framework with a new domain dedicated to Log and Monitoring (LOG), and modifications in the existing ones (GRC, A&A, UEM, CEK). This update will also deliver a significant increase of requirements as result of developing additional controls and updating existing ones. Additional features of the CCM v.4 update are: ensured coverage of requirements deriving from new cloud technologies, new controls and security responsibility matrix, improved auditability of the controls, and enhanced interoperability and compatibility with other standards. The objective of this update is to continue to lead the security industry and market as the cloud provider and user-centric control framework of choice for all. Share your knowledge by providing feedback and contributing to the open peer review for CCM v.4. Participants of the peer review are asked to focus on the content and semantics of controls.

CCM Mappings | Related Certificates & Training | STAR Program

Request to Participate