Introduction to Cloud Control Matrix (CCM)

Cloud Security Alliance (CSA) is a registered Foreign Non-Profit Corporation in Washington. It is founded in 2008. It provides fundamental security principles to cloud providers and assists cloud customers to ensure a secure cloud computing environment.

The Cloud Security Alliance Cloud Controls Matrix (CSA CCM) provides a controls framework that gives a detailed understanding of security concepts and principles that are applicable to the cloud industry. It also highlights its relationship to other industry-accepted security standards, regulations and controls frameworks such as ISO27001, ISACA, COBIT, PCIDSS, HIPAA, NIST, etc. The CSA CCM highlights information security control requirements, threats, and vulnerabilities in the cloud, and security measures to be implemented in the cloud.

The Cloud Controls Matrix (CCM) comprises of baseline security controls created by the Cloud Security Alliance to help enterprises assess the risk associated with cloud computing. It is a part of the CSA Governance, Risk and Compliance stack and aligned to 16 security domains (in its latest version: Cloud Control Matrix v 3.0.1).

Each security domain contains sub-domains and its associated unique control ID, thus, comprising a total of 133 control metrics is described in the attached document.

Authored By - Manvi Sharma
TCS Cyber Security Practice

Rate this article: 
Average: 5 (1 vote)
Article category: