Cloud Controls Matrix – Security Compliance Mapping spreadsheet

CSA, the Cloud Security Association, has worked with industry partners to set up a matrix defining Cloud security controls mapped to industry standards.
The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider.”
The CCM lists security controls mapped to the following industry-standards:

  • COBIT 4.1
  • ISO/IEC 27001-2005
  • FedRAMP
  • PCI DSS v2.0

Now up to version 1.3, the CCM (Cloud Controls Matrix), was used to help us create our compliance mapping database. The version of the matrix provided by the CSA, while useful for reference, is very difficult to use when trying to track compliance related tasks. V2 of the CCM is currently in development. In the meantime, my custom cloud controls database should be ready in the next week or two.


Click here to download the Cloud Controls Matrix

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.