Cloud 101CircleEventsBlog
CSA's Continuous Audit Metrics Working Group is expanding! Help shape the future of cloud assurance.

Working Group

Security Guidance

The advancement toward secure cloud computing requires active participation from a broad set of globally-distributed stakeholders.
View Current Projects
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0
Security Guidance for Critical Areas of Focus in Cloud Computing v4.0

Download

Working Group Overview
The advancement toward secure cloud computing requires active participation from a broad set of globally-distributed stakeholders. CSA brings together this diverse community of industry partnerships, international chapters, working groups, and individuals to create the Cloud Security Guidance.


CSA Security Guidance v5 in development
The CSA Security Guidance v4 has become a fundamental source for best practices in the cloud. We plan on updating this core research to integrate the latest best practices in cloud and aligning with version 4 of the CCM and CAIQ. This document is a proposal to restructure the fifth version of Guidance with details around each option. 


Drafts & Important Docs

Working Group Leadership

Rich Mogull
Rich Mogull

Rich Mogull

CEO at Securosis

Rich is the VP of Product for DisruptOPS and Analyst and CEO of Securosis. With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s V4 Guidance and the associated CCSK training curriculum. He is a prolific writer and fe...

Read more

Publications in ReviewOpen Until
Risk, Audit and Compliance - Security Guidance for Critical Areas of Focus in Cloud Computing v5Mar 05, 2024
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

Risk, Audit and Compliance - Security Guidance for Critical Areas of Focus in Cloud Computing v5

Open Until: 03/05/2024

This chapter is dedicated to the core aspects of cloud security, with a particular emphasis on the implications surrounding...