Download Publication

CSA CCM v3.0.1 Addendum - NIST 800-53 Rev 4 Moderate
Release Date: 08/03/2019
Working Group: Cloud Controls Matrix Working Group
• Controls Mapping
• Gap Analysis
• Gap Identification (i.e. Partial, Full or No Gap)
Download this Resource
Prefer to access this resource without an account? Download it now.
Related Resources
Acknowledgements

Douglas Barbin
Principal and Cybersecurity Leader at Schellman & Company, LLC
This person does not have a biography listed with CSA.

Michael Roza
Head of Risk, Audit, Control and Compliance
Since 2012 Michael has contributed to over 100 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud K...

Victor Chin
This person does not have a biography listed with CSA.

Lawrence Martin
This person does not have a biography listed with CSA.

Erik Johnson
Cloud Security Specialist & Senior Research Analyst
Worked for the Federal Reserve for many years and volunteered with the CSA with a focus on CCM/CAIQ V4, specifically the STA domain, and developing a comprehensive framework and guidance for defining and managing the cloud shared security responsibility model (SSRM).
I recently retired from the Federal Reserve and am now consulting with the CSA as a Senior Research Analyst with a focus on Zero Trust and Financial Services.
Linke...

Chris Shull
Chief Information Security Officer
This person does not have a biography listed with CSA.

Angela Dogan
Director, Vendor Risk Management and Compliance Services, Lynx Technology Partners
Angela Dogan is the Director, Vendor Risk Management and Compliance Services for Lynx Technology Partners. Previously, she served as Senior Project Manager for the Santa Fe Group and Vendor Auditor for Resurgent Capital Services.
With 15 years in the financial services industry, she is well-versed in standardized control frameworks such as those created by the Shared Assessments Program and Cloud Security Alliance, where she is a memb...

Reid Leake
This person does not have a biography listed with CSA.

Kevin Bugin
This person does not have a biography listed with CSA.

Andrew Williams
Director of Program Development, Coalfire
Andrew Williams is the Director of Program Development at Coalfire. In this role, he is responsible for working closely with Coalfire customers, industry bodies and regulatory authorities, and internal stakeholders to ensure Coalfire’s services, delivery, and talent are aligned to the needs of the future compliance and security landscape.
Andrew previously worked as practice director for Coalfire’s cloud assessment and risk advisory...

William Butler
This person does not have a biography listed with CSA.