STA-03: SSRM Guidance

CSF v1.1 References:

PF v1.0 References:

Info icon.

Control is new to this version of the control set.

Control Statement

Provide SSRM Guidance to the CSC detailing information about the SSRM applicability throughout the supply chain.

Implementation Guidance

Shared security responsibility model guidance should include references describing SSRM applicability throughout the supply chain.

Auditing Guidance

  1. Examine whether SSRM guidance documentation has been approved by management and communicated to CSCs.
  2. Examine the process for review of SSRM Guidance if required.

(Note: This control applies to an Organization that is in the role of a CSP).

[ Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]

Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.