Certified STAR Auditor

STAR Certification gives cloud service providers the ability to prove that their cloud controls have been independently assessed against the STAR certification maturity model. Certified clients will appear on the CSA’s STAR Registry.

The maturity model checks a service provider’s security performance against the CSA’s Cloud Controls Matrix (CCM) to award an overall grade. 

Only a certified STAR auditor can assess a service provider against the CCM to recommend STAR Certification.

Led by an experienced tutor, this two-day course will help you learn how to conduct an audit for STAR certification and will work through a detailed case study to teach you how to determine a rating for STAR certification. To successfully complete this course, you will need to pass an examination.

Who should attend?

Only ISO/IEC 27001 qualified auditors working for certification bodies accredited by an International Accreditation Forum (IAF) member to ISO/IEC 27006 can take this course.

Learning objectives

  • How to define the specific control areas of the CCM and differentiate between them
  • What maturity is and how the STAR certification maturity model works
  • How to apply the maturity model when auditing a provider’s security controls
  • How to calculate a maturity score for each CCM control area
  • How to derive a provider’s maturity level from the maturity scores
  • How to recommend STAR certification

Course Benefits

  • As a recognized certification body, your organization will be able to conduct STAR audits and award STAR Certification 
  • Provides confidence to your clients that their information is secure
  • Provides assurance to your employees that they are conducting safe business practices

Next Steps