CloudAudit delivers it’s first batch of cloud compliance specifications. Quoting from the announcement:
“The CloudAudit initial distribution features five elements:
1) The CloudAudit normative specification in .txt format [cloudaudit-specification_draft.txt]
2) The CloudAudit CompliancePacks archive of .xls files which map controls/control objectives to namespaces based upon the Cloud Security Alliance Control Matrix [cloudaudit-compliancepacks.zip]
3) The CloudAudit namespaces archive which represents a complete CloudAudit directory tree representation of all CompliancePacks with placeholder index.html/manifest.xml created in each directory stub [cloudaudit-namespaces.zip]
4) The CloudAudit Python script pack which automates the creation of the CloudAudit namespaces above [cloudaudit-namespace_creator.zip]
5) A README.txt file [this content]”
and
“The CompliancePacks map control objectives to specific namespace entities which are contained below and feature NIST SP800-53, PCI DSS, HIPAA, ISO27002 and COBIT compliance frameworks. Ultimately these directories are where a Cloud Provider will store and secure the assertions and supporting materials related to each compliance framework or assertion.” [<- the bold part is kinda the whole point :-) A.C.]
Grab the mammoth itself here [ZIP].
Enjoy!
