Publication Coming Soon

Cloud Controls Matrix v4
Cloud Controls Matrix v4

Cloud Controls Matrix v4

The Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing aligned to the CSA Best Practices, that is considered the de-facto standard for cloud security and privacy. CSA released today the early draft of the version 4 of the standard. The CCM v.4 constitutes a significant upgrade to the previous version (v3.0.1) by introducing changes in structure of the framework with a new domain dedicated to Log and Monitoring (LOG), and modifications in the existing ones (GRC, A&A, UEM, CEK). This update will also deliver a significant increase of requirements as result of developing additional controls and updating existing ones. Additional features of the CCM v.4 update are: ensured coverage of requirements deriving from new cloud technologies, new controls and security responsibility matrix, improved auditability of the controls, and enhanced interoperability and compatibility with other standards. The objective of this update is to continue to lead the security industry and market as the cloud provider and user-centric control framework of choice for all. Share your knowledge by providing feedback and contributing to the open peer review for CCM v.4. Participants of the peer review are asked to focus on the content and semantics of controls.

CCM Mappings | Related Certificates & Training | STAR Program

Coming Soon!

This research document is still being finalized. Fill out the following form and we’ll send you the final document once it is released.

CSA is a community driven organization. We would like to send you updates about our ongoing initiatives and opportunities to participate.

By opting into this agreement I am indicating that I want to receive email updates from CSA on related projects. (Marketing purposes, Section 3 of the Privacy Policy).