Recently, the development of cloud computing technology has brought not only an easier access on information, but also security issues on personal information in the cloud industry. In this response, Cloud Security Certification System is implemented to solve the various cloud security problems in Korea. However, it is difficult to see that the level of technical protection measures of the cloud security certification system is satisfied with all the technical protection measures required by the personal information protection laws and regulations. As a result, it was proposed that security products that are highly related to the contents of the personal information protection laws and regulations should be in line with the CC(common criteria) certified product group. In this paper, we propose items that the cloud security certification system should supplement from the viewpoint of security requirements that are compliant with the CC certified product line.