Privacy Level Agreement

Back to discussions
Expand all | Collapse all

Kind reminder of tomorrow's working group call!

  • 1.  Kind reminder of tomorrow's working group call!

    Posted Jul 29, 2024 11:33:00 AM

    Dear members,

    This is a reminder of tomorrow's PLA working group call scheduled for tomorrow (July 30) at 08:00 am. PT / 11:00 .m. ET / 15:00 GMT

    Agenda:

    • Louis ( @Louis Pinault) to map rows 67-76
    • Louis ( @Louis Pinault ) to review ISO 27001 domains and compare them to CSA controls for rows referencing ISO standards.
    • Louis ( @Louis Pinault) to complete mapping for rows 22, 25, 88, and 90.
    • Isabella ( @Isabella Oldani) to review offline the partial gaps identified in rows 57-67 and discuss with Jacopo.
    • Isabella ( @Isabella Oldanito review the other half of ISO 27001 domains in the U Cloud CoC and compare them to CSA controls for rows referencing ISO standards.
    • Marina to update row 11 to reflect no gap instead of partial gap. Include more CSA CoC controls for row 10. For row 62 and control [5.13.B] to consider provision 8 (personal data breach) in case the partial gap can be avoided. Row 63, to check if "promptly" and "without hindrance" elements can be considered as implied in the data portability requirements under the CSA CoC.
    • Marina to complete mapping for rows 21 and 24. And rows 80,81.

    The EU Cloud Code of Conduct can be downloaded/consulted here.
    The CSA Code of Conduct is in tab     'PLA Code of Practice (CoP) v4.1' here.

    To connect on the call:

    URL: https://cloudsecurityalliance.zoom.us/j/82987382695?pwd=amZ6cEljSCtXVU01OUVRbUUyTTNRdz09  (Meeting ID: 829 8738 2695, Passcode: 794440)

    Kind regards,
    Marina

    P.S.     Description of task: 'Mapping of the CSA Code of Conduct to the EU Cloud Code of Conduct' online document:
    The group members are called to work on the mapping in the 3rd Tab called 'PLA CoP v EUCloud COC'
    Column C contains the provision/control form the EU Code of Conduct while Column F will need to be filled with the corresponding provision from the CSA Code of Conduct.
    Column H needs to be filled with the values of  No Gap, Partial Gap or Full Gap, depending on the overlap the 2 Code of Conducts may or may not have. In the case of no gap, no amendment will be necessary from the CSP to the already implemented provision. In the case of 'partial or full gap', the CSP will need to amend the already implemented CSA CoC provision to match the EU CoC benchmark.

     



    ------------------------------
    Marina Bregkou,
    Senior Research Analyst,
    CSA
    ------------------------------