This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 3.1 of Cloud Security Controls and Frameworks
Preventive, detective, and corrective control layers, and a walkthrough of all 17 CSA CCM v4 domains.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
CSA Cloud Controls Matrix v4 Download
Official CCM v4 spreadsheet with all 197 controls, implementation guidance, and framework mappings.
CSA Cloud Controls Matrix v4 Download
Official CCM v4 spreadsheet with all 197 controls, implementation guidance, and framework mappings.
CSA STAR Program — Cloud Provider Assurance
CSA STAR registry where cloud providers publish their CCM-based security assessments.
CSA STAR Program — Cloud Provider Assurance
CSA STAR registry where cloud providers publish their CCM-based security assessments.
ISO/IEC 27017: Security Controls for Cloud Services
International standard providing cloud-specific implementation guidance for ISO 27001 controls.
ISO/IEC 27017: Security Controls for Cloud Services
International standard providing cloud-specific implementation guidance for ISO 27001 controls.
PCI-DSS v4.0 Cloud Computing Guidelines
PCI SSC supplemental guidance on applying PCI-DSS v4 requirements to cloud environments.
PCI-DSS v4.0 Cloud Computing Guidelines
PCI SSC supplemental guidance on applying PCI-DSS v4 requirements to cloud environments.
Quadrant 4 · Self-Assessment
Controls, Standards and Testing
CSA CCM v4, NIST CSF 2.0, ENISA, CSPM, CWPP, CASB, CIEM, CSMV, and cloud penetration testing tools.
Cloud Security: Complete Assessment
Comprehensive 120-question assessment covering all six chapters of the Cloud Security eBook 2026.