CSA Seeks Input on CCM v1.3 FedRAMP Mapping Document
The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) Working Group (WG) would like to invite you to review and comment on a preliminary draft of CCM v1.3 with a revised mapping of the Federal Risk and Authorization Management Program (FedRAMP) security controls published January 2012. The CCM is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider. As a framework, the CCM provides organizations with the required structure, detail and clarity relating to information security tailored to the cloud industry. The CCM strengthens existing information security control environments by emphasizing business information security control requirements, reduces and identifies consistent security threats and vulnerabilities in the cloud, provides standardized security and operational risk management, and seeks to normalize security expectations, cloud taxonomy and terminology, and security measures implemented in the cloud. The Cloud Controls Matrix is part of the CSA GRC Stack. This is your opportunity to provide feedback and propose any FedRAMP security control mapping revisions to the preliminary draft. The open review and comments period starts today and ends on August 31st, 2012. Submitting feedback is easy with our 3 step process. Follow the below link to the peer review site: https://cloudsecurityalliance.org/research/ccm/v1-3-fedramp-mapping-peer-review/ We appreciate your assistance. Thank you in advance for your time and contribution.