CCM Training

  • Cloud Controls Matrix (CCM) Foundation Course

    Thursday 8th June 2017, 9.00-17.00, £649 + VAT 
    • Understand fundamental security principles to assist prospective cloud customers and guide cloud vendors in assessing the overall security risk of a cloud provider
    • Get to grips with security concepts and principles that are aligned to the Cloud Security Alliance guidance in 13 domains
    • Discover how to strengthen existing information security control by understanding business information security control requirements
    • Learn how to reduce and identify consistent security threats and vulnerabilities in the cloud


    About the Cloud Controls Matric (CCM) Foundation Course

    This training course is designed to provide training for CSA's Cloud Controls Matrix (CCM), which is a part of CSA’s GRC Stack toolkit. The course will also provide an introduction to the Consensus Assessments Initiative Questionnaire (CAIQ) and CSA Security, Trust & Assurance Registry (STAR).

    Book now

    Find out more

    Terms & Conditions

  • Key learning objectives:

    Upon completion of this training, the attendee should be able to use the CCM and CAIQ to be able to:

    For a cloud customer or cloud auditor:

    • Assess the overall level of security offered by cloud provider
    • Build the necessary assessment processes for engaging with cloud providers
    • Leverage the mapping with other industry-accepted security standards, regulations, and controls frameworks (such as ISACA COBIT, FERPA, AICPA, ISO/IEC 27001/27002, NIST, Jericho Forum, NERC CIP, PCI DSS and the CSA Guidance document) to reduce audit complexity
    • Normalise security expectations, cloud taxonomy and terminology, and security measures implemented in the cloud

    For a cloud vendor:

    • Comply with fundamental cloud security principles and requirements included in relevant security standards and legislations
    • Assess the security posture of your offering
    • Compare yourself with competitors and industry benchmark

    Course Curriculum will centre on

    • Introduction to Cloud
    • Introduction & Purpose of Cloud Controls Matrix
    • Cloud Controls Matrix Structure
    • Cloud Controls Matrix
    • Domains Intro to CAIQ and STAR, the Future, Summary

    Book now

  • About your trainer

    Neha Thethi

    Information Security Analyst and Researcher

    BH Consulting

    Neha Thethi joined BH Consulting in March 2014. Her role includes carrying out digital forensics investigations, conducting audits against the ISO 27001 security standard, and performing cybersecurity research. Neha has contributed to published security research and white papers, specifically about subjects relating to cloud security, and she has given several presentations about security and digital forensics at events such as SecureCloud 2016, B-Sides London and Source 2015. She has also given webinar presentations about cloud security and cloud forensics. Neha is a member of several security groups, including the Irish Reporting and Information Security Service (IRISS) where she volunteers, as well as the Irish Information Security Forum (IISF) and the global group ISACA, the Information Systems Audit and Control Association.

Media Partners

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.