Have a look at this video to understand how the Cloud Controls Matrix (CCM) and the Consensus Assessment Initiative Questionnaire (CAIQ) can help in secure cloud adoption.
The “Old Skool” approach for provider evaluation is that every company creates their own long list of questions in their request for proposal (RFP). Each cloud provider will then get hundreds of lists of questions, all different.
This is not an efficient process.
The CCM was developed by the Cloud Security Alliance (CSA) to act as a cloud specific set of controls. The CAIQ is a set of questions that is based on the CCM, and can be used as the core of a standard set of questions.
Cloud consumers don’t need to reinvent the wheel in thinking up these questions. At the same time, cloud providers then need to answer most of these questions only once.
In fact they can then record their standard answer in the CSA’s “Security, Trust & Assurance Registry” (STAR), which optimizes the process even further.
Watch the video for a brief explanation of this.
Do a FREE course
Are you not sure if you are ready to start a full CCSK training yet? Then this course is perfect for you. It will give you a good idea of how worthwhile it is to go for the CCSK certification. You will also cover some of the basics that are required for the full course.
And the best thing? It’s for free! Click on the button below and start learning about CCSK v4.