Auditing Cloud Security for STAR Certification
STAR Certification gives cloud service providers the ability to prove that their registration to the Cloud Security Alliance’s (CSA’s) Security, Trust and Assurance Registry (STAR) has been independently assessed against the new STAR certification maturity model.
The maturity model checks a service provider’s security performance against the CSA’s Cloud Controls Matrix (CCM) to award an overall grade.
Although only a certified STAR auditor from a certification body can recommend STAR certification, by learning how an organization can meet STAR certification, you can effectively prepare a cloud service provider for a STAR audit.
Led by an experienced tutor, this one day course will help you learn how to audit cloud security for the STAR certification programme and learn how to apply the maturity model when auditing a provider’s security controls.
Who should attend?
Suggetsed job roles include:
- Network security managers
- Information security consultants
- Cyber Security principals
- IT Risk and Security managers
This training course is HRDF approved under the SBL scheme.
What will I learn?
- What is the criteria for STAR certification
- What is the CCM and how it relates to ISO/IEC 27001
- How to define the specific control areas of the CCM and differentiate between them
- What maturity is and how the STAR certification maturity model works
- How to apply the maturity model when auditing a provider’s security controls
How will my organization benefit?
- Cloud service users would be able to conduct their own audit to check a provider’s ability to meet service level agreements
- Your business will be able to prepare for independent assessment against the STAR certification maturity model
- Your company can use your STAR certification credentials to help increase your competitive market advantage
- Customers of STAR certified service providers will have greater assurance the service they receive has been monitored and assessed to check its cloud security
- Better monitoring of security practices can lead to better overall levels of service provision
- Training course notes
- Loan copy of the standard (to be returned after the course)