Download Publication

Cloud Controls Matrix v4
Cloud Controls Matrix v4

Cloud Controls Matrix v4

Release Date: 01/20/2021

The mappings for v4 are not available yet, however we encourage you to use this document to prepare your organization to eventually transition to CCM v4.

The Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing aligned to the CSA best practices, that is considered the de-facto standard for cloud security and privacy. Version 4 of the CCM constitutes a significant upgrade to the previous version (v3.0.1) by delivering a significant increase of requirements as result of developing additional controls and updating existing ones. The objective of this update was to continue to lead the security industry and market as the cloud provider and user-centric control framework of choice for all. 

Related Certificates & Training | STAR Program

Changes in version 4: 
  • Ensured coverage of requirements deriving from new cloud technologies.
  • New controls and security responsibility matrix, improved auditability of the controls, and enhanced interoperability and compatibility with other standards. 
  • Changes in structure of the framework with a new domain dedicated to Log and Monitoring (LOG), and modifications in the existing ones (GRC, A&A, UEM, CEK). 
You can learn about the transition timeline for v3.0.1 to v4, and how that will affect STAR Registry submissions in this blog

Help CSA better understand how we can support the cloud community. Answer a couple of questions to download this resource.

In my current job I work in:

CSA is a community driven organization. We would like to send you updates about our ongoing initiatives and opportunities to participate.

By opting into this agreement I am indicating that I want to receive email updates from CSA on related projects. (Marketing purposes, Section 3 of the Privacy Policy).

You’ve made safer cloud computing possible.

Download

CSA is a community driven organization. We would like to send you updates about our ongoing initiatives and opportunities to participate.

By opting into this agreement I am indicating that I want to receive email updates from CSA on related projects. (Marketing purposes, Section 3 of the Privacy Policy).

Download