CAMM Mission Statement
In an age that would seem to be rife with successful Cyber-Attacks, leveraging on security exposures, and vulnerabilities, this must dictate that not only operational systems, and infrastructure are made secure, but that the very applications upon which the delivery of services relies upon are fully robust. With the advent of emerging Cloud opportunities, organisations are looking to specialist Cloud Providers to provision services such as AaaS, PaaS, IaaS, to name but just three areas of cloud provisioned technologies. However, as with any operational exercise which involves placing the organisational valuable, and sensitive assets into the hands of a third party, will always raise questions around 1) Security, 2) Governance, and 3) Compliance.
It is in this area in which the CAMM robust Maturity Model of Security Controls can measure, estimate, and report on the Operational Profile of the selected Cloud Provider. With the CAMM approach, no matter the size of the organisation seeking to place part, or all of their operations into the Cloud, CAMM will provision a top down transparent view of the providers capabilities in the areas of Security, Governance, and Compliance. Thus eradicating the need for the organisation conducting expensive in-depth on-site Due Diligence inspections, and the associated areas of challenge to assure the results are fully consistent.
It is also in this area where the CAMM methodology is of high value. Based on aggregated experts opinion, and guidance from a wide range of contributing organisations, drawn from the world’s top Commercial Organisations, Security Associations, and Government Agencies, who have attended global CAMM meetings and events. These partners have advise, contributed, input, and steered CAMM into a fully enabled, and operational state which provisions the most robust security controls of operational measurements, to assess, and report on any Cloud Providers profile.
The CAMM methodology seeks to provide any subscriber of its services with a spectrum of reporting that covers all eventualities, and options. Thus CAMM fully interfaces into selective Standards, such as PCI-DSS, SOX, DPA, SAS70 to introduce but a small number of the areas under the robust focus of CAMM.
It is also the objective of CAMM to provision continuous monitoring reporting, and inspection of any subscribed Cloud Providers profile to assure that it is maintained fully consistent as was at day one. Only in this way can any subscribing organisation into a Cloud environment be fully assured that their interests remain extant with their day one operational engagement.
In an age that would seem to be rife with successful Cyber-Attacks, leveraging on security exposures, and vulnerabilities, this must dictate that not only operational systems, and infrastructure are made secure, but that the very applications upon which the delivery of services relies upon are fully robust. With the advent of emerging Cloud opportunities, organisations are looking to specialist Cloud Providers to provision services such as AaaS, PaaS, IaaS, to name but just three areas of cloud provisioned technologies. However, as with any operational exercise which involves placing the organisational valuable, and sensitive assets into the hands of a third party, will always raise questions around 1) Security, 2) Governance, and 3) Compliance.
It is in this area in which the CAMM robust Maturity Model of Security Controls can measure, estimate, and report on the Operational Profile of the selected Cloud Provider. With the CAMM approach, no matter the size of the organisation seeking to place part, or all of their operations into the Cloud, CAMM will provision a top down transparent view of the providers capabilities in the areas of Security, Governance, and Compliance. Thus eradicating the need for the organisation conducting expensive in-depth on-site Due Diligence inspections, and the associated areas of challenge to assure the results are fully consistent.
It is also in this area where the CAMM methodology is of high value. Based on aggregated experts opinion, and guidance from a wide range of contributing organisations, drawn from the world’s top Commercial Organisations, Security Associations, and Government Agencies, who have attended global CAMM meetings and events. These partners have advise, contributed, input, and steered CAMM into a fully enabled, and operational state which provisions the most robust security controls of operational measurements, to assess, and report on any Cloud Providers profile.
The CAMM methodology seeks to provide any subscriber of its services with a spectrum of reporting that covers all eventualities, and options. Thus CAMM fully interfaces into selective Standards, such as PCI-DSS, SOX, DPA, SAS70 to introduce but a small number of the areas under the robust focus of CAMM.
It is also the objective of CAMM to provision continuous monitoring reporting, and inspection of any subscribed Cloud Providers profile to assure that it is maintained fully consistent as was at day one. Only in this way can any subscribing organisation into a Cloud environment be fully assured that their interests remain extant with their day one operational engagement.