The Continuous Audit Metrics Catalog: Towards a Machine-Readable Representation
Release Date: 06/07/2022
In October 2021, the Cloud Security Alliance released the first version of the Continuous Audit Metrics catalog which provides a standard reference for the continuous auditing of cloud services that supports security metrics in a way that mirrors what the CSA CCM or ISO/IEC 27002 does for security controls. The released catalog contained an initial set of 34 security metrics, each mapped to the CCM v4.
This document takes the initial catalog that was presented in PDF format and translates of the 34 security metrics into YAML, a machine-readable format that is also still reasonably easy to understand by humans.