CCAK

Hi,

Reading through teh study guide I got a little lost so hoping someone can explain something to me.
Pages 221 -224 , the figures and text show coloums "Gap", "Gap Analysis" ,"Compensating controls" etc... question where do these coloums come from? Are these manually created by the user of teh CCM and manually filled as well? If they should be there already and there is some sort of automatic analysis done, can someone explain this please?

Reading the "Methodology  for the Mapping of the CCM" didn't help me understand this either.

Thanks in advance
Kevin​​

------------------------------
Kevin Stander
------------------------------

Hi Kevin,
The columns mentioned are part of the work that is being done when mapping different frameworks to CCM controls. The contributors of CCM are creating those during the  mapping process . If you download the latest CCM from CSA website, there is a "Scope applicability" tab in the spreadsheet where you can see the gaps for ISO27K mapping to CCM.

------------------------------
Moshe Ferber
------------------------------

Original Message:
Sent: Jul 08, 2021 03:21:57 AM
From: Kevin Stander
Subject: CCAK study guide

Hi,

Reading through teh study guide I got a little lost so hoping someone can explain something to me.
Pages 221 -224 , the figures and text show coloums "Gap", "Gap Analysis" ,"Compensating controls" etc... question where do these coloums come from? Are these manually created by the user of teh CCM and manually filled as well? If they should be there already and there is some sort of automatic analysis done, can someone explain this please?

Reading the "Methodology  for the Mapping of the CCM" didn't help me understand this either.

Thanks in advance
Kevin​​

------------------------------
Kevin Stander
------------------------------

Original Message:
Sent: 7/11/2021 2:59:00 AM
From: Moshe Ferber
Subject: RE: CCAK study guide

Hi Kevin,
The columns mentioned are part of the work that is being done when mapping different frameworks to CCM controls. The contributors of CCM are creating those during the  mapping process . If you download the latest CCM from CSA website, there is a "Scope applicability" tab in the spreadsheet where you can see the gaps for ISO27K mapping to CCM.

------------------------------
Moshe Ferber
------------------------------

Original Message:
Sent: Jul 08, 2021 03:21:57 AM
From: Kevin Stander
Subject: CCAK study guide

Hi,

Reading through teh study guide I got a little lost so hoping someone can explain something to me.
Pages 221 -224 , the figures and text show coloums "Gap", "Gap Analysis" ,"Compensating controls" etc... question where do these coloums come from? Are these manually created by the user of teh CCM and manually filled as well? If they should be there already and there is some sort of automatic analysis done, can someone explain this please?

Reading the "Methodology  for the Mapping of the CCM" didn't help me understand this either.

Thanks in advance
Kevin​​

------------------------------
Kevin Stander
------------------------------