the Cloud Security Alliance (CSA) controls matrix. No single industry framework is perfect, and best practice guidelines and standards must be adapted to a particular organization. The cloud security matrix suggests a number of practical issues that must be considered when applying security to cloud computing and cloud services.

Comment on the strengths and weaknesses of the control matrix.

Do you think it provides controls for all cloud security concerns or are there any areas that are not addressed?

Are the controls reasonable and cost effective for organizations of all sizes? Give reasons for your answer.