The Inner Circle

​Hi !

I am looking for the criteria used to map the Cloud Controls to the ISO 27k controls in the CCM.

Some of these relationships do not look obvious to me so I would like to understand the reasoning behind.

Thanks in advance for any hints


------------------------------
Diego Alvarado
Policy Security Officer
AXA GO
------------------------------

@Daniele Catteddu and @Lefteris Skoutaris - Could one of you help answer this question? ​​

------------------------------
Hillary Baron CCSK v4
Program Manager, Research
CSA
Seattle WA
------------------------------

Original Message:
Sent: Aug 07, 2020 02:10:38 AM
From: Diego Alvarado
Subject: CCM mapping to ISO 27k

​Hi !

I am looking for the criteria used to map the Cloud Controls to the ISO 27k controls in the CCM.

Some of these relationships do not look obvious to me so I would like to understand the reasoning behind.

Thanks in advance for any hints


------------------------------
Diego Alvarado
Policy Security Officer
AXA GO
------------------------------

Hi,

You could forward to Diego the CCM Mapping Methodology.

https://downloads.cloudsecurityalliance.org/assets/research/cloud-controls-matrix/ccm-mapping-methodology.pdf

------------------------------
Michael Roza CPA, CISA, CIA
------------------------------

Original Message:
Sent: Aug 10, 2020 08:20:15 AM
From: Hillary Baron
Subject: CCM mapping to ISO 27k

@Daniele Catteddu and @Lefteris Skoutaris - Could one of you help answer this question? ​​

------------------------------
Hillary Baron CCSK v4
Program Manager, Research
CSA
Seattle WA

Original Message:
Sent: Aug 07, 2020 02:10:38 AM
From: Diego Alvarado
Subject: CCM mapping to ISO 27k

​Hi !

I am looking for the criteria used to map the Cloud Controls to the ISO 27k controls in the CCM.

Some of these relationships do not look obvious to me so I would like to understand the reasoning behind.

Thanks in advance for any hints


------------------------------
Diego Alvarado
Policy Security Officer
AXA GO
------------------------------

Thanks Hillary and Michael!

------------------------------
Diego Alvarado
Policy Security Officer
AXA GO
------------------------------

Original Message:
Sent: Aug 11, 2020 02:54:13 AM
From: Michael Roza
Subject: CCM mapping to ISO 27k

Hi,

You could forward to Diego the CCM Mapping Methodology.

https://downloads.cloudsecurityalliance.org/assets/research/cloud-controls-matrix/ccm-mapping-methodology.pdf

------------------------------
Michael Roza CPA, CISA, CIA

Original Message:
Sent: Aug 10, 2020 08:20:15 AM
From: Hillary Baron
Subject: CCM mapping to ISO 27k

@Daniele Catteddu and @Lefteris Skoutaris - Could one of you help answer this question? ​​

------------------------------
Hillary Baron CCSK v4
Program Manager, Research
CSA
Seattle WA

Original Message:
Sent: Aug 07, 2020 02:10:38 AM
From: Diego Alvarado
Subject: CCM mapping to ISO 27k

​Hi !

I am looking for the criteria used to map the Cloud Controls to the ISO 27k controls in the CCM.

Some of these relationships do not look obvious to me so I would like to understand the reasoning behind.

Thanks in advance for any hints


------------------------------
Diego Alvarado
Policy Security Officer
AXA GO
------------------------------

Hi Diego,  I will do the mapping overnight for you in the CCM matrix

Rgds
Shane Feeney
ISO27001 Lead Auditor, CISM, SABSA, CISP

------------------------------
Shane Feeney
Seniro Consultant
Cemax Consulting
------------------------------

Original Message:
Sent: Aug 07, 2020 02:10:38 AM
From: Diego Alvarado
Subject: CCM mapping to ISO 27k

​Hi !

I am looking for the criteria used to map the Cloud Controls to the ISO 27k controls in the CCM.

Some of these relationships do not look obvious to me so I would like to understand the reasoning behind.

Thanks in advance for any hints


------------------------------
Diego Alvarado
Policy Security Officer
AXA GO
------------------------------

Is this mapping available to share? I would like to have a copy of it.

------------------------------
Aditya Chordia
IT Validation & Compliance Manager
Amerisource Bergen
------------------------------

Original Message:
Sent: Aug 11, 2020 07:30:58 AM
From: Shane Feeney
Subject: CCM mapping to ISO 27k

Hi Diego,  I will do the mapping overnight for you in the CCM matrix

Rgds
Shane Feeney
ISO27001 Lead Auditor, CISM, SABSA, CISP

------------------------------
Shane Feeney
Seniro Consultant
Cemax Consulting

Original Message:
Sent: Aug 07, 2020 02:10:38 AM
From: Diego Alvarado
Subject: CCM mapping to ISO 27k

​Hi !

I am looking for the criteria used to map the Cloud Controls to the ISO 27k controls in the CCM.

Some of these relationships do not look obvious to me so I would like to understand the reasoning behind.

Thanks in advance for any hints


------------------------------
Diego Alvarado
Policy Security Officer
AXA GO
------------------------------

Hi Aditya,
the mapping is included under the 'scope applicability' tab of the CCMv4.
You can download the standard here.
Lefteris

------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Original Message:
Sent: Jul 06, 2021 07:36:23 AM
From: Aditya Chordia
Subject: CCM mapping to ISO 27k

Is this mapping available to share? I would like to have a copy of it.

------------------------------
Aditya Chordia
IT Validation & Compliance Manager
Amerisource Bergen

Original Message:
Sent: Aug 11, 2020 07:30:58 AM
From: Shane Feeney
Subject: CCM mapping to ISO 27k

Hi Diego,  I will do the mapping overnight for you in the CCM matrix

Rgds
Shane Feeney
ISO27001 Lead Auditor, CISM, SABSA, CISP

------------------------------
Shane Feeney
Seniro Consultant
Cemax Consulting

Original Message:
Sent: Aug 07, 2020 02:10:38 AM
From: Diego Alvarado
Subject: CCM mapping to ISO 27k

​Hi !

I am looking for the criteria used to map the Cloud Controls to the ISO 27k controls in the CCM.

Some of these relationships do not look obvious to me so I would like to understand the reasoning behind.

Thanks in advance for any hints


------------------------------
Diego Alvarado
Policy Security Officer
AXA GO
------------------------------