Cloud Controls Matrix Version 4.0

This download includes the Cloud Security Alliance's Cloud Controls Matrix (CCM) only so there are no mapped questions. Use this download if you just want the provisions and you want to create your own question set. Cloud Security Alliance's Cloud Controls Matrix (CCM) is composed of 197 control objectives that are structured in 17 domains covering all key aspects of cloud technology. It can be used as a tool for the systematic assessment of cloud implementation and provides guidance on which security controls should be implemented by which actor within the cloud supply chain. The controls framework is aligned with the CSA Security Guidance for Cloud Computing and is considered a de-facto standard for cloud security assurance and compliance. Version 4 of the CCM has been updated to ensure coverage of requirements deriving from new cloud technologies, new controls and security responsibility matrix, improved audibility of the controls, and enhanced interoperability and compatibility with other standards. The list of controls domains are as follows : Application & Interface Security Audit & Assurance Business Continuity Management & Operational Resilience Change Control & Configuration Management Cryptography, Encryption & Key Management Data Security & Privacy Lifecycle Management Datacenter Security Data Security & Privacy Lifecycle Management Governance, Risk Management & Compliance Human Resources Identity & Access Management Infrastructure & Virtualization Security Interoperability & Portability Logging & Monitoring Security Incident Management, E-Discovery, & Cloud Forensics Threat & Vulnerability Management Universal Endpoint Management