ChaptersEventsBlog
Join us on September 3rd for The Evolution of Cloud Network Security webinar. Register now!

Download Publication

Informative Reference Details for the Mapping of CCM v4 to NIST CSF v2
Informative Reference Details for the Mapping of CCM v4 to NIST CSF v2

Informative Reference Details for the Mapping of CCM v4 to NIST CSF v2

Release Date: 10/08/2024

The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices for securing cloud computing environments, is pleased to announce the publication of a new mapping of security controls between the CSA Cloud Controls Matrix (CCM) v4 and the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) v2.0. This mapping, now available in the NIST National Online Informative References (OLIR) Catalog, is a result of a joint collaboration between the CCM Working Group and NIST experts.

The NIST OLIR Program facilitates the development of standardized Online Informative References (OLIRs), which establish relationships between elements from cybersecurity, privacy, and other ICT domains.  The newly published mapping aligns the CCM with the CSF, identifying equivalences (overlaps) between the control specifications of the two frameworks. 

This alignment and publication allows cloud organizations to streamline compliance efforts, enhancing both their cloud security and compliance programs.
Download this Resource

Prefer to access this resource without an account? Download it now.

Bookmark
Share
Related resources
Code of Practice for Assessment Firms Offering STAR
Code of Practice for Assessment Firms Offering ...
AI Controls Matrix
AI Controls Matrix
Requirements for Bodies Providing STAR Certification
Requirements for Bodies Providing STAR Certific...
Understanding HIPAA: Key Regulations and Compliance
Understanding HIPAA: Key Regulations and Compliance
Published: 08/29/2025
Risk-Based vs. Compliance-Based Security: Why One Size Doesn’t Fit All
Risk-Based vs. Compliance-Based Security: Why One Size Doesn’t Fit All
Published: 08/27/2025
What Internal Auditors Wish Every Company Knew About SOC 2
What Internal Auditors Wish Every Company Knew About SOC 2
Published: 08/25/2025
A Breakdown of the ISO 27001 Certification Process
A Breakdown of the ISO 27001 Certification Process
Published: 08/21/2025
Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training