Cloud Security Alliance CCM

Cloud Security Alliance CCM

The Cloud Controls Matrix (CCM) is a baseline set of security controls created by the Cloud Security Alliance to help enterprises assess the risk associated with a cloud computing provider.

The Cloud Controls Matrix is aligned with CSA’s guidance in 16 security domains, including application security, identity and access management, mobile security, encryption and key management and data center operations. CCM, which is part of the CSA Governance, Risk and Compliance (GRC) Stack, is mapped to multiple industry standards, regulations and frameworks that enterprises must follow, including ISO 27001/27002, PCI DSS, HIPAA and COBIT.