CCM Addenda Updates for Two Additional Standards
Blog Article Published: 01/21/2019
By the CSA CCM Working Group
We're happy to announce the publication of the updated Cloud Controls Matrix (CCM) Addenda for the following standards:
— German Federal Office for Information Security (BSI) Cloud Computing Compliance Controls Catalogue (C5)
— ISO/IEC 27002, ISO/IEC 27017 and ISO/IEC 27018
These CCM addenda aim to help organizations assess and bridge compliance gaps between the CCM and other security frameworks.
The documents contain:
- A controls mapping between the above mentioned standards and the CCM (e.g. which control(s) in CCM maps to each given control in ISO27017).
- A gap analysis
- Compensating controls (i.e. the actual “addendum”)
Additionally, the addendum for the German BSI C5 contains both mappings and reverse mappings.
The CSA and the CCM Working Group hope that organizations will find this document useful for their security compliance programs.
Best Regards,
CSA CCM Working Group
Sign up to receive CSA's latest blogs
This list receives 1-2 emails a month.
Related Articles:
CSA Community Spotlight: Propelling the Industry Forward with Larry Whiteside Jr.
Published: 03/12/2024
2024: A Critical Year for the Cloud Security Teenager
Published: 12/29/2023