Cloud 101CircleEventsBlog
Participate in the Peer Review for the AICM mapping to BSI AI C4 Catalog.

Download Publication

Informative Reference Details for the Mapping of CCM v4 to NIST CSF v2
Informative Reference Details for the Mapping of CCM v4 to NIST CSF v2

Informative Reference Details for the Mapping of CCM v4 to NIST CSF v2

Release Date: 10/08/2024

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices for securing cloud computing environments, is pleased to announce the publication of a new mapping of security controls between the CSA Cloud Controls Matrix (CCM) v4 and the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) v2.0. This mapping, now available in the NIST National Online Informative References (OLIR) Catalog, is a result of a joint collaboration between the CCM Working Group and NIST experts.

The NIST OLIR Program facilitates the development of standardized Online Informative References (OLIRs), which establish relationships between elements from cybersecurity, privacy, and other ICT domains.  The newly published mapping aligns the CCM with the CSF, identifying equivalences (overlaps) between the control specifications of the two frameworks. 

This alignment and publication allows cloud organizations to streamline compliance efforts, enhancing both their cloud security and compliance programs.
Download this Resource

Prefer to access this resource without an account? Download it now.

Bookmark
Share
Related resources
NIST CSF v2 Cloud Community Profile - Based on CCM v4
NIST CSF v2 Cloud Community Profile - Based on ...
CCM-Lite and CAIQ-Lite
CCM-Lite and CAIQ-Lite
CCM v4.0 Implementation Guidelines
CCM v4.0 Implementation Guidelines
The Questions Every Company Should Be Asking About AI
The Questions Every Company Should Be Asking About AI
Published: 03/05/2025
AI Gone Wild: Why Shadow AI Is Your IT Team’s Worst Nightmare
AI Gone Wild: Why Shadow AI Is Your IT Team’s Worst Nightmare
Published: 03/04/2025
The HIPAA Security Rule is Changing. Here’s What You Need to Know.
The HIPAA Security Rule is Changing. Here’s What You Need to Know.
Published: 03/03/2025
Building Better GRC Habits: Why 2025 Is the Year To Embrace Continuous Controls Monitoring
Building Better GRC Habits: Why 2025 Is the Year To Embrace Continu...
Published: 02/27/2025
Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training