CSA Research Publications
Whitepapers, Reports and Other Resources
Browse Publications
 | Release Date: 06/16/2020 In the wake of COVID-19 Health Delivery Organizations (HDOs) are rapidly increasing their utilization of telehealth capabilities like Remote Patient Monitori... Request to download |
 | Financial Services Stakeholders Platform Working Group Charter Release Date: 06/09/2020 Information security plays an integral role in the regulation and protection of customers in the financial industry. Exploring cloud computing and the underl... Request to download |
| SDP: The Most Advanced Zero Trust Architecture Release Date: 05/27/2020 Today’s “Zero Trust” implementations are like putting up a wall with multiple doors and allowing people to come and pick a lock on the door. We are then just... Request to download |
 | Privacy Level Agreement Code of Conduct Translation in 10 Languages Release Date: 05/07/2020 Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Privacy Level Agreement Code of Conduct (PLA CoC) v3.1 in 10 la... Request to download |
 | CCM Translation in 10 Languages Release Date: 05/07/2020 Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Cloud Control Matrix (CCM) v3.0.1 in 10 languages in order to f... Request to download |
 | CAIQ Translation in 10 Languages Release Date: 05/07/2020 Cloud Security Alliance (CSA) in the context of an agreement with OneTrust has translated the Consensus Assessments Initiative Questionnaire (CAIQ) v3.0.1 in... Request to download |
 | Cloud Industrial Internet of Things (IIoT) - Industrial Control Systems Security Glossary Release Date: 05/05/2020 The Industrial Control Systems (ICS) Security Glossary is a reference document that brings together ICS and IT/OT related terms and definitions. Bringing t... Request to download |
 | Cloud Incident Response Framework – A Quick Guide Release Date: 04/21/2020 What this Quick Guide aims to do is to distill and give readers an overview of key contributions of the work currently undertaken in the CIR WG, towards a co... Request to download |
![Consensus Assessment Initiative Questionnaire (CAIQ) v3.1 [No Longer Accepted]](https://cloudsecurityalliance.org/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6MTc3MjEsInB1ciI6ImJsb2JfaWQifX0=--846e63ecb5438faa0471cb729b8fd20217573428/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJwbmciLCJyZXNpemVfdG9fbGltaXQiOlsyMjUsMzAwXX0sInB1ciI6InZhcmlhdGlvbiJ9fQ==--ed3d8b3503f8660626bf50138e90f4b6f3228621/CAIQ-No-Longer-Accepted.png) | Consensus Assessment Initiative Questionnaire (CAIQ) v3.1 [No Longer Accepted] Release Date: 04/01/2020 Cloud Security Alliance (CSA) would like to present the next version of the Consensus Assessments Initiative Questionnaire (CAIQ) v3.1. The CAIQ offers an i... Request to download |
 | Managing the Risk for Medical Devices Connected to the Cloud Release Date: 03/16/2020 With the increased number of Internet of Things devices, Healthcare Delivery Organizations are experiencing a digital transformation bigger than anything in ... Request to download |
| PLA Code of Practice Template Annex 1 (Updated - March 2020) Release Date: 03/12/2020 CSA PLA Code of Conduct for GDPR Compliance provides a consistent and comprehensive framework for complying with the EU’s GDPR. The CSA PLA Code of Conduct f... Request to download |
 | Best Practices in Implementing a Secure Microservices Architecture Release Date: 02/24/2020 Application containers and a microservices architecture are being used to design, develop, and deploy applications leveraging agile software development appr... Request to download |
 | The Six Pillars of DevSecOps: Collective Responsibility Release Date: 02/21/2020 The DevSecOps Working Group identified and defined six focus areas critical to integrating DevSecOps into an organization, in accordance with the six pillars... Request to download |
 | Cloud Usage in the Financial Services Sector Release Date: 02/21/2020 This survey was created and completed by members of the the Financial Services Stakeholders Platform, a CSA working group whose main objective is to identify... Request to download |
| CSA CCM v3.0.1 Addendum - Cloud OS Security Specifications Release Date: 01/29/2020 This document is an addendum to the CCM V3.0.1 and contains a controls mapping and gap analysis between the CSA CCM and CSA's research artifact "Cloud OS Sec... Request to download |
 | Critical Controls Implementation for SAP Release Date: 01/06/2020 The Critical Controls Implementation for SAP is the first in a series of implementation documents that the CSA ERP Security Working Group aims to develop. Th... Request to download |
 | Privacy Level Agreement Working Group Charter Release Date: 11/29/2019 The Cloud Security Alliance would like to invite you to review and comment on the updated Privacy Level Agreement Working Group Charter. The Privacy Level A... Request to download |
| CSA CCM v3.0.1 Addendum to the Reserve Bank of India (RBI)’s Gopala Krishna Committee (GKC) report Release Date: 11/27/2019 This document contains a mapping and gap analysis between the cloud security requirements of CCM V3.0.1 and those of the Reserve Bank of India (RBI)’s Gopala... Request to download |
| Beyond the General Data Protection Regulation (GDPR) Release Date: 11/19/2019 Data residency insights from around the world. This study reveals the top data protection concerns and strategies of more than 800 senior business profession... Request to download |
| Code of Conduct (CoC): Statement of Adherence 3rd Party Certification Release Date: 11/19/2019 CSA PLA Code of Conduct for GDPR Compliance provides a consistent and comprehensive framework for complying with the EU’s GDPR. The CSA PLA Code of Conduct f... Request to download |