Cisco releases Cloud Controls Framework


Cisco has released its Cloud Controls Framework (CCF) – a  set of international and national security compliance and certification requirements, aggregated in one framework – to the public.

The CCF is the foundational methodology for Cisco to accelerate certification achievements, the company said in a statement.

With this framework, organizations can define, implement, and demonstrate controls across SaaS portfolios, such as SOC 2, ISO 27001: 2013, ISO 27701, ISO 27017, ISO 22301, ISO 27018, Germany’s BSI C5, FedRAMP Tailored for the US public sector, the Spanish ENS, Japan’s ISMAP, PCI DSS v3.2.1, the EU Cloud Code of Conduct, and Australia’s IRAP, according to Cisco.

The CCF comes with guidance on how to implement these controls and the audit artifacts needed to demonstrate operating effectiveness.

You can find a blog announcing the framework from Cisco’s Prasant Vadlamudi here.

[mage courtesy: Cisco]