Great insight here - use the standard CAIQ (17 domains and 200+ questions) for your high-risk suppliers, but opt for the CAIQ-Lite (70+ of the most relevant questions) for your low-risk suppliers.
https://cloudsecurityalliance.org/artifacts/caiq-lite------------------------------
Scott Williams
VP, Business Development
Cloud Security Alliance
------------------------------
Original Message:
Sent: Feb 09, 2022 06:36:57 AM
From: Orbert Reavis
Subject: CAIQ-Lite: The Lighter-weight Security Assessment Option
The CSA Security Update podcast explores the STAR Program, CSA best practices, research, and associated technologies and tools. In an ongoing blog series, we edit key CSA Security Update episodes into shorter Q&As. In this post, John DiMaria interviews Nick Sorenson, CEO of Whistic, as he discusses the research and statistical analysis that went into the creation of CAIQ-Lite, a shorter version of CAIQ: CAIQ-Lite: The Lighter-weight Security Assessment | CSA
#CloudSecurity #securityaudit #CloudComputing
Cloudsecurityalliance | remove preview |
| CAIQ-Lite: The Lighter-weight Security Assessment | CSA | CSA's Consensus Assessment Initiative Questionnaire ( CAIQ) is a downloadable spreadsheet of yes or no questions that correspond to the controls of the Cloud Controls Matrix (CCM), our cybersecurity controls framework for cloud computing. A cloud service provider can use the CAIQ to document what security controls exist in their services. | View this on Cloudsecurityalliance > |
|
|
------------------------------
Orbert .
------------------------------