Cloud Controls Matrix

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Hello Eleftherios, 
Am interested in participating in the mapping of CCMv4.0 and ISO27001/2

------------------------------
David Don
Executive Council
IIM Africa
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Hello Eleftherios,

I am also interested in participating in the mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

Thanks!

Lou Tinto

------------------------------
Lou Tinto
Sr. Security
City Electric Supply
------------------------------

Original Message:
Sent: Apr 12, 2022 10:46:45 AM
From: David Don
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Hello Eleftherios, 
Am interested in participating in the mapping of CCMv4.0 and ISO27001/2

------------------------------
David Don
Executive Council
IIM Africa

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Good day, I would like to be part of this project effort, as a contributor or reviewer for my region

------------------------------
Frank Chin Hai
Chief
iTGRC Asia
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Hello Eleftherios, 

I am also interested in participating in the mapping and gap analysis between the CCM v4.0 and ISO/IEC 27002:2022

Thanks!

------------------------------
Hyunho Chang
Research Manager
Tatum Security
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Hi there, I am interested in this comparison, I implemented information security Configuration compliance capability for my organization based on CIS benchmark, vendor best practices and company security requirements. 

Thanks
Hema

------------------------------
Hema Bhatt
Project Delivery Lead
ANZ
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Good Afternoon Eleftherios,

I would be very interested in joining this working group please.

Best Regards

James

------------------------------
James Turrell
Security
n/a
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Hi - I'd like to contribute too. Look forward to further comms.

Kind regards
Mohin

------------------------------
Mohin G
Consultant
Independent
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Original Message:
Sent: 4/25/2022 12:52:00 PM
From: Mohin G
Subject: RE: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Hi - I'd like to contribute too. Look forward to further comms.

Kind regards
Mohin

------------------------------
Mohin G
Consultant
Independent
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

I would like to participate in this effort.

--Ron Palladino

------------------------------
Ron Palladino
Security Risk& Awareness Program Manager
IEEE
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Hi Eleftherios, 

I'd like to contribute, thanks.

Alex.

------------------------------
Alex Stezycki
Security Consultant
Capgemini
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Hi Alex

Please include me. Keen to contribute.

Regards
Krishna.

------------------------------
Krishna das Manghat
Associate Dir
kpmg
------------------------------

Original Message:
Sent: Apr 26, 2022 08:08:56 AM
From: Alex Stezycki
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Hi Eleftherios, 

I'd like to contribute, thanks.

Alex.

------------------------------
Alex Stezycki
Security Consultant
Capgemini

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Hi, I'd like join the team.
Due to TZ constraints, I will contribute mainly through document base.
-

------------------------------
Koichiro Watanabe
Solution Architect
Microsoft Corp.
ISO/IEC JTC1 SC27 WG1/WG4 expert
Japan
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

I am interested as a volunteer.

------------------------------
tuhin goswami
Consultant
Digital14
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Original Message:
Sent: 5/1/2022 4:03:00 PM
From: tuhin goswami
Subject: RE: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

I am interested as a volunteer.

------------------------------
tuhin goswami
Consultant
Digital14
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------

Hi Eleftherios - interested in collaborating.

------------------------------
Miguel Angel Arenas CISM, CRISC, ITIL
Cybersecurity Governance PM
Alphacredit
Mexico City
------------------------------

Original Message:
Sent: Apr 11, 2022 07:15:39 AM
From: Eleftherios Skoutaris
Subject: CCMv4.0 - ISO/IEC 27001/02:2022 Mapping (Call for participation)

Dear members,
CSA and the CCM WG would like to embark on a new project that involves a mapping and gap analysis between the CCM v4.0 and the new version of ISO/IEC 27002:2022, recently published.

As you might already know CSA's STAR program and STAR level 2 Certification combines the best of two worlds, ISO/IEC 27001:2013 and CCMv4.0. Organizations that wish to migrate to the cloud are able to build cloud security requirements on top of ISO27001 and meet also compliance to CCM.

The objective of the project is the requirements comparison of the 2 frameworks. In this way an opportunity is provided for organizations to identify the equivalent security requirements between the two, and more importantly the missing cloud-specific CCM security requirements in ISO/IEC 27001/02, especially when seeking to integrating these with their cloud security and compliance programs.

In this respect, CSA, and under the umbrella of the CCM WG, would like to put together a team of experts, who have good experience in the implementation/assessment of ISO27001/02 and/or CCMv4 security controls.  Should you be interested in participating in the project, please contact me and I will walk you through the on-boarding process and mapping methodology.

Best regards,






------------------------------
Eleftherios Skoutaris
Program Manager
Cloud Security Alliance
------------------------------