Consensus Assessment Initiative Questionnaire (CAIQ) v3.1
Release Date: 04/01/2020
Working Group: Consensus Assessments
There is a new version of CAIQ available. The latest version has been combined with the Cloud Controls Matrix.
The Consensus Assessments Initiative Questionnaire (CAIQ) v3.1. offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services, providing security control transparency. It provides a set of Yes/No questions a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix (CCM). Therefore, it helps cloud customers to gauge the security posture of prospective cloud service providers and determine if their cloud services are suitably secure.
The CAIQ and CCM are used by CSPs to submit to the CSA STAR Registry. You can learn about the transition timeline for v3.1 to v4, and how that will affect submission to the STAR Registry in this blog.
CSA is a community driven organization. We would like to send you updates about our ongoing initiatives and opportunities to participate.
Provide feedback on this form