Print This Page

Resource Protection

Prevention of misuse of computer resources.

Cloud Controls Matrix (CCM) Data

IS-30 | Information Security | Diagnostic / Configuration Ports Access

Control Specification +-

User access to diagnostic and configuration ports shall be restricted to authorized individuals and applications.

Architectural Relevance +-

PhysicalNetworkComputeAppData
True False False False False

Corp Gov Relevance +-

Corp Gov Relevance
False

Cloud Service Delivery Model Applicability +-

SaaSPaaSIaaS
True True True

Supplier Relationship +-

Service ProviderTenant / Consumer
True True

Scope Applicability +-

COBIT 4.1HIPAA / HITECH ActISO/IEC 27001-2005

DS5.7

A.10.6.1
A.11.1.1
A.11.4.4
A.11.5.4

NIST SP800-53 R3FedRAMP (Final 2012) Low ImpactFedRAMP (Final 2012) Moderate ImpactPCI DSS v2.0

CM-7
MA-3
MA-4
MA-5

NIST SP 800-53 R3 CM-7
NIST SP 800-53 R3 MA-4
NIST SP 800-53 R3 MA-5

NIST SP 800-53 R3 CM-7
NIST SP 800-53 R3 CM-7 (1)
NIST SP 800-53 R3 MA-3
NIST SP 800-53 R3 MA-3 (1)
NIST SP 800-53 R3 MA-3 (2)
NIST SP 800-53 R3 MA-3 (3)
NIST SP 800-53 R3 MA-4
NIST SP 800-53 R3 MA-4 (1)
NIST SP 800-53 R3 MA-4 (2)
NIST SP 800-53 R3 MA-5

9.1.2

BITS Shared Assessments SIG v6.0BITS Shared Assessments SIG v5.0GAPP (Aug 2009)

H1.1, H1.2, G.9.15
Jericho ForumNERC CIP

Commandment #3
Commandment #4
Commandment #5
Commandment #6
Commandment #7
Commandment #8

CIP-007-3 - R2

Consensus Assessments Initiative Questionnaire (CAIQ) Data

Information Security (IS) | ID #IS-30.1

Do you utilize dedicated secure networks to provide management access to your cloud service infrastructure?

Compliance Mapping +-

COBITHIPAAISO27001SP800_53

COBIT 4.1 DS5.7

A.10.6.1
A.11.1.1
A.11.4.4
A.11.5.4

NIST SP800-53 R3 CM-7
NIST SP800-53 R3 MA-3
NIST SP800-53 R3 MA-4
NIST SP800-53 R3 MA-5

FedRAMPPCI_DSSBITSGAPP

NIST SP800-53 R3 CM-7
NIST SP800-53 R3 CM-7 (1)
NIST SP800-53 R3 MA-3
NIST SP800-53 R3 MA-3 (1)
NIST SP800-53 R3 MA-3 (2)
NIST SP800-53 R3 MA-3 (3)
NIST SP800-53 R3 MA-4
NIST SP800-53 R3 MA-4 (1)
NIST SP800-53 R3 MA-4 (2)
NIST SP800-53 R3 MA-5

PCI-DSS v2.0 9.1.2

SIG v6.0: H1.1, H1.2, G.9.15

Model Applicability +-

SaaSPaaSIaaS
True True True

Scope Applicability +-

SPCUST
True True