GRC-08: Special Interest Groups

Info icon.

Control is new to this version of the control set.

Control Statement

Establish and maintain contact with cloud-related special interest groups and other relevant entities in line with business context.

Implementation Guidance

Management should establish and maintain contact with special interest groups or professional associations to receive early warnings and advice regarding new threats, vulnerabilities, and regulatory updates.

Auditing Guidance

  1. Examine the organization's policy and procedures related to contact with cloud-related special interest groups to determine if membership is required and actively maintained.
  2. Identify relevant individuals responsible for contacting cloud-related special interest groups and determine if the policy requirements stipulated in the policy level have been implemented.

[csf.tools Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]

Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.