Consensus Assessments Initiative Questionnaire (CAIQ) Lite

By : 6clicks
The Consensus Assessments Initiative Questionnaire (CAIQ) Lite is a survey provided by the Cloud Security Alliance (CSA) for cloud consumers and auditors to assess the security capabilities of a cloud service provider.
In stock


This download includes the CAIQ Lite controls including a lite set of mapped questions. Use this download if you just want the Lite questionnaire and a quick way to perform a CAIQ questionnaire.

CAIQ-Lite contains 71 questions compared to the 295 found in the CAIQ, while maintaining representation of 100% of the original 16 control domains present in The Cloud Controls Matrix (CCM) 3.0.1.The CAIQ is designed to increase transparency in cloud operations. The Lite questionnaire helps customers of cloud services get information from their cloud service providers regarding the technologies and tactics being implemented, data protection and risk management, as well as their implementation plans. CAIQ questionnaires can be tailored to fit an individual cloud customer’s needs, and it is intended to be used with the CSA Guidance and Cloud Controls Matrix (CCM). CAIQ consists of a series of Yes/No questions that distill issues, best practices and control specifications from CSA Guidance and CCM. CAIQ aims to create common industry standards to document security controls in infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) and software-as-a service (SaaS) operations.

The CAIQ Lite includes 73 questions across the following 16 sections:

  • Application & Interface Security
  • Audit Assurance & Compliance
  • Business Continuity Management & Operational Resilience
  • Change Control & Configuration Management
  • Data Security & Information Lifecycle Management
  • Datacenter Security
  • Encryption & Key Management
  • Governance and Risk Management
  • Human Resources
  • Identity & Access Management
  • Infrastructure & Virtualization Security
  • Interoperability & Portability
  • Mobile Security
  • Security Incident Management, E-Discovery, & Cloud Forensics
  • Supply Chain Management, Transparency, and Accountability
  • Threat and Vulnerability Management

Getting Started

Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.

More Information

More Information
Jurisdiction All
Type Assessment