Security News > 2021 > June > Cloud Security Alliance updates its CAIQ to increase value for cloud service providers and customers

The Cloud Security Alliance released an update to its Consensus Assessment Initiative Questionnaire, a set of questions that allow cloud consumers and auditors to ascertain a cloud service provider's compliance with the Cloud Controls Matrix.

With CAIQv4, users can showcase additional accountability and transparency regarding their security and privacy practices, providing additional value for both cloud service providers and customers.

"This update addresses what is arguably one of the biggest risks in the cloud ecosystem - the lack of understanding of the shared responsibility model. The information gap between the various parties in the cloud supply chain has become the cause of easily avoidable cloud security and privacy breaches. With these additions to CAIQ, and consequently to the STAR Registry, CSA is facilitating cloud customers with their vendor and third-party management process, as well as in building a well-defined cloud security, privacy and accountability program," said Daniele Catteddu, Chief Technology Officer, Cloud Security Alliance.

Changes in the structure of the document used for the submissions to Security, Trust, Assurance and Risk Registry Level 1.

Additional sections related to the Shared Security Responsibility Model, which lets CSPs better describe the allocation of the responsibility for the implementation of a CCMv4 control.

STAR Level 1: Security Questionnaire: Used to submit to the STAR registry and includes all the necessary features, including the SSRM..

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/B5kN4ZzzSrw/