Zero Trust Architecture (ZTA) Expert Group

ZTT Expert Group Action Points 9/15

  • 1.  ZTT Expert Group Action Points 9/15

    Posted Sep 19, 2022 04:11:00 PM

    Hello all,

    Thank you for the thoughtful discussion Thursday. The meeting minutes have been updated and can be found here: 

    The recording for this meeting and future meetings can be found in the Library of the ZTT SME Circle group, along with the agendas/meeting minutes, and other relevant ZTT artifacts, such as the charter. The Circle group is invite-only, so if you do not have access to this group, please let us know ASAP and we can get that resolved. 

    All Modules for the ZT Training as well as the ZTT Glossary can be found here:

    Note: Please read modules 1-5 to get a good concept of the ZT/SDP training.

    ZT/SDP Resources Folder

    As a reminder, the Training team's goal is to have this module, Zero Trust Planning, ready for CSA's internal review by mid-September. 

    Action Points:

    1. Assigned to all, please review Module 5 and provide comments/feedback by 9/15. 

      1. Link:

    2. Course Intro/Learning Objectives

      1. The CSA internal team is tasked with updating these to reflect the curriculum learning objectives 

    3. 5.3 Scope & Priority

      1. Shruti please continue on this section by 9/22

    4. 5.2 Planning Considerations

      1. 5.2.4 Supply Chain Resilience

        1. Hienrich please review the feedback Alex provided by 9/22

      2. 5.2.5 Detection and Incident Response Plan

        1. Heinrich will rewrite this paragraph by 9/22

      3. 5.2.8 Compliance 

        1. Dr. Ron has suggested this as a helpful authoritative source for this section

    5. 5.4 Gap Analysis 

      1. Heinrich, please restructure this section by 9/22

    6. 5.5 Define the Protect Surface

      1. Shruti please address comments in this section by 9/22 

      2. Otherwise, this section is considered to be in a final draft state

    7. 5.6 Document Transaction Flows 

      1. Mark S. please respond/address Anna/Daniele's comments by 9/22

      2. Otherwise, this section is considered to be in a final state 

    8. 5.7 Define the ZT Policies 

      1. Prasad please respond/address  Anna/Daniele's comment regarding risk by 9/22

      2. Otherwise, this section is considered to be in a final state

    9. 5.9 ZT Go Live Planning

      1. Aunudrei please work on this section by 9/22; please consider the following:

        1. Alex S. suggested including Detection and Incident Response to 5.9 

    Thank you all for your time and commitment to this program,

    Chandler Curran
    Training Project Administrator
    Cloud Security Alliance