BSI certifies first three companies to CSA STAR Certification

BSI has completed its independent assessment of three companies to the new CSA STAR Certification scheme, with HP, Pulsant and Alibaba achieving Silver level.  The CSA STAR Certification was developed to give prospective customers a benchmark to measure a cloud service provider’s security controls.

In a ceremony held yesterday, Star Cement has been awarded the ISO 9001 QMS Certificate, ISO 14001 Environmental Management System Certificate, as well as the Occupational Health and Safety Management System (OHSAS) 18001 Certificate. These certificates have been awarded in recognition of Star Cement’s commitment to business excellence.

To get the CSA STAR Certification, each cloud service provider had to achieve ISO/IEC 27001 and be rigorously assessed to the CSA Cloud Control Matrix.  There are 11 control areas within this matrix covering compliance, data governance, facility security, human resources, information security, legal, operations management, risk management, release management, resilience and security architecture.  Each control was scored on a specific maturity and was measured against 5 management principles, giving a total that gave HP, Pulsant and Alibaba a CSA STAR Certification Silver award.

Gursharan Virdi, UK&I ISO/IEC 27001 Programme Manager, HP said “Being a major cloud service provider, we fully understood the importance of achieving CSA STAR Certification. This certification provides further assurance to our UK Government customers that we have gone the additional mile to differentiate our cloud offering from that of our peers.”

Fergus Kennedy, Head of Compliance and Information Systems, Pulsant commented “The CSA STAR Certification offers a path to improvement that’s truly rigorous.  And because it is audited by an independent body, it holds infinitely more weight than existing self-assessment/self-declaration models.  It is a testament to the Pulsant teams who design, deploy and manage our cloud platform that we were able to be one of the first to achieve this certification.”

Suzanne Fribbins, Risk Management Specialist at BSI adds “HP, Pulsant and Alibaba should be proud of their achievement in being the first to obtain the CSA STAR Certification.  It demonstrates their dedication to providing a secure cloud service.  By obtaining this certification it creates a transparency in the industry that will help consumers and businesses to evaluate the performance of a cloud service provider and offer reassurance that specific cloud security risks have been addressed. ” 

Daniele Catteddu, EMEA Managing Director for the Cloud Security Alliance concludes: "I'm very happy that we have the first three companies awarded with a CSA STAR Certificate.  HP, Pulsant and Alibaba are to be considered as pioneers and I'm sure that the market will reward them for their commitment to security and privacy."

HP, Pulsant and Alibaba will now be listed on the CSA STAR Registry:



About BSI 
BSI (British Standards Institution) is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. Formed in 1901, BSI was the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO). Over a century later it continues to facilitate business improvement across the globe by helping its clients drive performance, manage risk and grow sustainably through the adoption of international management systems standards, many of which BSI originated. Renowned for its marks of excellence including the consumer recognized BSI Kitemark™, BSI’s influence spans multiple sectors including aerospace, construction, energy, engineering, finance, healthcare, IT and retail. With over 70,000 clients in 150 countries, BSI is an organization whose standards inspire excellence across the globe.  
To learn more, please visit

About The Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us, and follow us on Twitter @cloudsa