Cloud Security Alliance Matrix


The Cloud Security Alliance (CSA) is the world’s leading organisation dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

The CSA is a nonprofit organisation that harnesses the subject matter expertise of industry practitioners, associations and governments (as well as its corporate and individual members) to offer cloud security-specific solutions. These solutions range from research, certification and education to events and products, specifically related to cloud security.

The CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud technology. This includes cloud security providers and customers, as well as the assurance industry. The CSA provides a structured forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.

What is the CSA Cloud Controls Matrix?

The CSA Cloud Controls Matrix (CCM) is specifically designed to provide fundamental security principles as guidance and assistance. The CCM Matrix guides cloud vendors and assists prospective cloud customers in assessing the overall security risk of a cloud provider.

The CSA CCM provides a controls framework that gives detailed understanding of security concepts and principles that are aligned to the Cloud Security Alliance guidance in 13 domains.

The foundations of the Cloud Security Alliance Controls Matrix rest on its customised relationship to other industry-accepted security standards, regulations and controls frameworks. The CSA CCM serves to augment and provide internal control direction for service organisation control reports.

Other frameworks include:

  • ISO 27001/27002
  • NIST
  • Jericho Forum
How Bridewell Can Help?

Bridewell’s experienced and certified consultants can provide various levels of support, help and training to organisations looking to align to CSA practices.

Among other certifications, our consultants have achieved the CSA Certificate of Cloud Security Knowledge, which solidifies evidence of our expertise in implementation and key concepts of the CSA Guidance, the CSA CCM, and the European Network and Information Security Agency whitepaper.

What Sets Us Apart?

Our comprehensive range of services is designed to handle the complexity of today’s data-intensive way of life, as well as its increasing regulatory burden. Our success is based on: 

  • A deep understanding of IT infrastructure frameworks, cloud technologies and cloud security
  • An ability to design, implement and deploy for businesses of all sizes
  • A firm grasp of the business realities faced by enterprises in multiple sectors
  • Comprehensive ISO27001, ISO9001 and Cyber Essentials certification
  • A sophisticated menu of security solutions for Office 365, AWS and Microsoft Azure
  • Managed services capability through our Security Operations Centre
Ready to Take the Next Step?

We’re here to help, so to speak with our team and learn more about how Bridewell can benefit your organisation, just complete the below form and one of our experts will be in touch.

Bridewell Consulting may contact you from time to time to keep you informed of security news and events.

You will always have an option to change your preferences or unsubscribe in line with our Privacy Policy.

Other Services

Let’s talk. Speak to our experts to see how we can work together, keeping your business protected and productive.