Working Group

CCM V3.0.1 addendum to CSA's research artifact 'Cloud OS Security Specification'

The Cloud Security Alliance (CSA) would like to invite you to review and comment on the CCM V3.0.1 addendum to CSA's research artifact 'Cloud...

Consensus Assessment Initiative Questionnaire (CAIQ) v3.1

Cloud Security Alliance (CSA) would like to present the next version of the Consensus Assessments Initiative Questionnaire (CAIQ) v3.1. T...

Mapping of 'The Guidelines' Security Recommendations to CCM

This document contains the additional controls that serves to bridge the gap between CCM V3.0.1 and the controls within 'Guideline on Effecti...

Gap Analysis Report on Mapping CSA’s Cloud Controls Matrix to ‘Guideline on Effectively Managing Security Service in the Cloud’

The report summarizes the mapping of CCM v3.0.1 to 'Guideline on Effectively Managing Security Services in the Cloud' and provides gap analys...

CSA STAR Registry API Specification v1.5

The CSA STAR Registry is a publicly available repository containing assurance information voluntarily submitted by a growing index of cloud p...

Cloud Controls Matrix v3.0.1

Description: The CCM, the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulation...

CCM v3.0.1 Addendum - FedRAMP Moderate

This document is an addendum to the CCM V3.0.1 that contain controls mapping between the CSA CCM and the FedRAMP R4 Moderate Baseline. The...

CSA CCM v3.0.1 Addendum - NIST 800-53 Rev 4 Moderate

This document is an addendum to the CCM V3.0.1 that contain controls mapping between the CSA CCM and the NIST 800-53 R4 Moderate Baseline. Th...

CSA CCM v3.0.1 Addendum - AICPA TSC 2017

This document is an addendum to the CCM V3.0.1 that contain controls mapping between the CSA CCM and the AICPA TSC 2017. The document aims to...

CCM v3.0.1-080319

The CCM, the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provid...

CCM Mapping Workpackage Template

This document is the companion document to the Methodology for the Mapping of the Cloud Controls Matrix (CCM). It is a CCM mapping workpackag...

CCM v3.0.1 Addendum - BSI Germany C5 v1

This document is an addendum to the Cloud Controls Matrix (CCM) V3.0.1 controls. It contains the additional controls that serves to bridge ...

CCM v3.0.1 Addendum - ISO 27002 27017 27018 v1.1

This document is an addendum to the Cloud Controls Matrix (CCM) V3.0.1 controls. It contains the additional controls that serves to bridge ...

CCM v3.0 - Chinese Translation

The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) provides fundamental security principles to guide cloud vendors and cloud custo...

CCM Mapping Methodology

Description: The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) provides fundamental security principles to guide cloud vendors an...

Cloud Controls Matrix v3.0.1 Info Sheet

STAR Certification Guidance Document: Auditing the Cloud Controls Matrix (CCM)

There are a number of control areas on the CCM that will each be awarded a management capability score on a scale of 1-15. This 2nd version r...