Cisco
Common corporate controls for Cisco cloud offers
View other services by Cisco Systems, Inc.:
- Cisco Defense Orchestrator
- Cisco DNA Spaces
- Cisco Duo
- Cisco IMImobile
- Cisco International Limited
- Cisco Intersight
- Cisco Meraki
- Cisco SD-WAN
- Cisco Secure Access
- Cisco Secure Email
- Cisco Slido
- Cisco ThousandEyes
- Cisco Umbrella
- Cisco Unified Communications Manager (UCM) Cloud
- Cisco Webex Contact Center
- Cisco Webex Contact Center Enterprise
- Cisco Webex Events (formerly "Socio")
- Cisco Webex Suite
- Cisco Webex Video Integration for Microsoft Teams

Offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services. It provides a set of Yes/No/NA questions and space to justify the response a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix (CCM).
Organizations who have the CSA Trusted
Cloud Provider trustmark demonstrate
a commitment to organizational security. They are
a CSA
Corporate Member, volunteer regularly for
CSA, and have at least one staff member who has
earned their CCSK.
Organizations who have the CSA STAR Enabled
Solution trustmark have leveraged or incorporated
the CCM framework or CAIQ into their commercial
offerings, and who demonstrate alignment with CSA
STAR, CCM, and CAIQ best practices. View the
STAR Enabled Solutions Registry or learn
more about becoming a STAR Enabled Solution here.
Information about Cisco
Listed Since: 10/08/2020
Listed Since: 10/08/2020
STAR Level 1
Cloud Controls Matrix

CAIQ Self-assessment v4.0.2
Offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services. It provides a set of Yes/No/NA questions and space to justify the response a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the Cloud Controls Matrix (CCM).
Created or renewed over 2 years ago, on October 25, 2023.
(Deprecated)
Deprecated assessments do not necessarily indicate
non-compliance. In this case, the assessment
has not been updated within its validity period. We suggest
contacting this organization directly to request that
they submit an updated assessment.
