Cloud Security Alliance offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services. It provides a set of Yes/No questions a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain compliance to the CSA Cloud Controls Matrix (CCM).