CSA CCM v3.0.1 Addendum
CSA CCM v3.0.1 Addendum

Currently we have a large number of cloud providers available in the market and cloud security is top notch criteria of every organization. It is not only important to consider the security in every domain but also make sure that it is measurable. We need a strong cybersecurity control framework for cloud computing and CSA Cloud Control Matrix (CCM) provides the same. It contains the 16 domains which gives you 133 control objectives covering all key aspects of the cloud technology.

The RBI constituted the Working Group on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds, which produced its report in January 2011. The Working Group was headed by Mr. G. Gopala Krishna and is popularly known as the Gopalakrishna Committee Report.

CSA Bangalore Research working group has taken a Cloud Control Matrix(CCM) and Gopalakrishna Committee report, blended it together and prepared a mapping document. This document contains a mapping and gap analysis between the cloud security requirements of CCM V3.0.1 and those of the Reserve Bank of India (RBI)’s Gopala Krishna Committee (GKC) Report, on Information Security, Electronic Banking, Technology Risk management & Cyber Frauds. The document aims to help organizations adhering to the aforementioned RBI's document to also meet CCM requirements. This is achieved by identifying compliance gaps in the RBI's document in relation to the CCM. Click here for more information.

Current status of this workgroup : The mapping activity was completed and published on the CSA page.

We are thankful for the hard work and contribution of the authors who made this possible:

The authors for this project are : Satyavathi Divadari, Cognizant Priyanka Sundar, Reliance Jio Sivaram Illangovan, Intel Manju Lalwani, Sales Force Manjesh Pai, Cognizant Yogesh Gupta, PWC Sohit Raina, Kantar Krishna Kishore B, KPMG Ajaykumar Rentala, Wells Fargo

While one job is done, many are yet to be started ! We also have many projects in the pipeline. If you are interested in contributing towards this noble cause, please reach out to us and let us give back to the society.

Get ready to leave your footprint in the global cybersecurity world!