Download Research Artifact

Consensus Assessment Initiative Questionnaire (CAIQ) v3.1

Cloud Security Alliance (CSA) would like to present the next version of the Consensus Assessments Initiative Questionnaire (CAIQ) v3.1. The CAIQ offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services, providing security control transparency. It provides a set of Yes/No questions a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix (CCM). Therefore, it helps cloud customers to gauge the security posture of prospective cloud service providers and determine if their cloud services are suitably secure. CAIQ v3.1 represents a minor update to the previous CAIQ v3.0.1. In addition to improving the clarity and accuracy, it also supports better auditability of the CCM controls. The new updated version aims to not only correct errors but also appropriately align and improve the semantics of unclear questions for corresponding CCM v3.0.1 controls. In total, 49 new questions were added, and 25 existing ones were revised. For this new CAIQ version, CSA took into account the combined comprehensive feedback that was collected over the years from its partners, the industry and the CCM working group.

Release Date: 11/15/2019

Request to Download

Email

Organization

Job Title

Country

I want to receive email updates from CSA on related projects.
(Marketing purposes, Section 3 of the Privacy Policy).

I want to receive email updates from CSA’s partners and sponsors on their projects/services.
(Marketing purposes, Section 3 of the Privacy Policy).

CSA Membership

CSA STAR Program

Online Training Discount!

CSA Research

Call for Papers Open

About the CSA

Download Research Artifact

Consensus Assessment Initiative Questionnaire (CAIQ) v3.1

Request to Download

Common Questions

Home

Membership

Research

Connect

Legal

About