Download Publication
![Consensus Assessment Initiative Questionnaire (CAIQ) v3.1 [No Longer Accepted]](https://cloudsecurityalliance.org/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBamxGIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--1d8693c155a9e380e8ff1baa1bd70ec5ad6988e5/CAIQ-No-Longer-Accepted.png/)
Consensus Assessment Initiative Questionnaire (CAIQ) v3.1 [No Longer Accepted]
Release Date: 04/01/2020
Working Group: Consensus Assessments
This version of the CAIQ is no longer accepted to the STAR Registry. Please download the new version of CAIQ Version 4, which has been combined with the Cloud Controls Matrix.
The CAIQ and CCM are used by CSPs to submit to the CSA STAR Registry. You can learn about the transition timeline for v3.1 to v4, and how that will affect submission to the STAR Registry in this blog.
Download this Resource
Related Resources
Acknowledgements

Michael Roza
Risk, Audit, Control, and Compliance Professional
Since 2012 Michael has contributed to over 85 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud Ke...

Victor Chin
This person does not have a biography listed with CSA.

Jon-Michael Brook
Jon-Michael C. Brook, Principal at Guide Holdings, LLC, has 20 years of experience in Information Security with such organizations as Raytheon, Northrop Grumman, Booz Allen Hamilton, Optiv Security and Symantec. Mr. Brook's work traverses the government, financial, healthcare, gaming, oil and gas and pharmaceutical industries. Mr. Brook obtained a number of industry certifications, including CISSP and CCSK, has patents and trade secrets in...

Daniele Catteddu
Chief Technology Officer, CSA
Daniele Catteddu is an information security and risk management practitioner, technologies expert and privacy evangelist with over 15 of experience. He worked in several senior roles both in the private and public sector. He is member of various national and international security expert groups and committees on cyber-security and privacy, keynote speaker at several conferences and author of numerous studies and papers on risk management, ...

Shawn Harris
Director of Information Security
With more than 25 years of information security experience, Shawn Harris is currently the Director of Information Security at Starbucks Coffee Company. His background includes engineering, architecture, and executive responsibilities. Shawn is currently co-chair of the CSA Cloud Controls Matrix working group, where he led efforts to develop the Cloud Control Matrix 4.0. Additionally, he has served on CSA’s Consensus Assessments ...

Alain Pannetrat
Senior Researcher, STAR Product Manager, CSA
This person does not have a biography listed with CSA.

Angela Dogan
Director, Vendor Risk Management and Compliance Services, Lynx Technology Partners
Angela Dogan is the Director, Vendor Risk Management and Compliance Services for Lynx Technology Partners. Previously, she served as Senior Project Manager for the Santa Fe Group and Vendor Auditor for Resurgent Capital Services.
With 15 years in the financial services industry, she is well-versed in standardized control frameworks such as those created by the Shared Assessments Program and Cloud Security Alliance, where she is a memb...

Harry Lu
Manager, PwC Cybersecurity
Harry Lu brings perspectives of Cloud Security from the professional services industry. He is currently an Associate Director with Protiviti’s Cloud Security team. Harry’s background includes security strategy planning, security operations development and security executive consulting roles. He has also had years of hands-on experience implementing cloud security technologies across SaaS, IaaS and hybrid cloud environments. From his experie...

Kevin Bugin
This person does not have a biography listed with CSA.

Andrew Williams
Director of Program Development, Coalfire
Andrew Williams is the Director of Program Development at Coalfire. In this role, he is responsible for working closely with Coalfire customers, industry bodies and regulatory authorities, and internal stakeholders to ensure Coalfire’s services, delivery, and talent are aligned to the needs of the future compliance and security landscape.
Andrew previously worked as practice director for Coalfire’s cloud assessment and risk advisory...

Kevin Pike
This person does not have a biography listed with CSA.

Dinesh Udaiwal
This person does not have a biography listed with CSA.