This mapping compares the requirements of CSA’s Cloud Controls Matrix (CCM) to the relevant categories within the 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy (With Revised Points of Focus - 2022) (TSC).
The TSC are outcome-based criteria designed to be used when evaluating whether a system and related controls are effective to provide reasonable assurance of achieving the objectives that management has established for the system. To design an effective system, management first has to