Function responsible for assuring that the level of services provided is in aggreement with contractual obligations on an ongoing basis
Cloud Controls Matrix (CCM) Data
Physical | Network | Compute | App | Data |
---|---|---|---|---|
True | True | True | True | True |
Corp Gov Relevance |
---|
True |
SaaS | PaaS | IaaS |
---|---|---|
True | True | True |
Service Provider | Tenant / Consumer |
---|---|
True | True |
COBIT 4.1 | HIPAA / HITECH Act | ISO/IEC 27001-2005 |
---|---|---|
DS5.10 | A.6.2.3 |
NIST SP800-53 R3 | FedRAMP (Final 2012) Low Impact | FedRAMP (Final 2012) Moderate Impact | PCI DSS v2.0 |
---|---|---|---|
SC-20 | NIST SP 800-53 R3 CA-3 | NIST SP 800-53 R3 CA-3 |
BITS Shared Assessments SIG v6.0 | BITS Shared Assessments SIG v5.0 | GAPP (Aug 2009) |
---|---|---|
C.2.6, G.9.9 | C.2 | 8.2.2 |
Jericho Forum | NERC CIP |
---|---|
Commandment #6 |
Consensus Assessments Initiative Questionnaire (CAIQ) Data
COBIT | HIPAA | ISO27001 | SP800_53 |
---|---|---|---|
COBIT 4.1 DS5.10 | A.6.2.3 | NIST SP800-53 R3 SC-20 |
FedRAMP | PCI_DSS | BITS | GAPP |
---|---|---|---|
NIST SP800-53 R3 SC-20 | AUP v5.0 C.2 SIG v6.0:C.2.6, G.9.9 | GAPP Ref 8.2.2 |
SaaS | PaaS | IaaS |
---|---|---|
True | True | True |
SP | CUST |
---|---|
True | True |