Certifying to CSA STAR Certification

Show clients that you have addressed specific issues relating to cloud security as an enhancement to your ISO/IEC 27001 certification. CSA STAR Certification can boost customer and stakeholder confidence, enhance your corporate reputation and give your business a competitive advantage.

How to get CSA STAR Certification

We make the certification process simple. After we have received your application we appoint a client manager, with the skill set to match your organization, to guide your business through the following steps:

1. Gap analysis    

This is an optional pre-assessment service where we take a closer look at your existing system and compare it with the CSA STAR Certification requirements. This helps identify areas that need more work before we carry out a formal assessment, saving you time and money.    


2. Formal assessment    

BSI will assess your cloud controls in a formal assessment usually as part of your ISO/IEC 27001 assessment. At this stage you will be awarded a Gold, Silver or Bronze rating on your audit report only depending on the level of maturity of your system.     


3. Certification and beyond    

When you have passed the formal assessment you will receive a STAR certificate, which is valid for three years. And your company will also appear on the STAR registry held by the CSA although for confidentiality purposes the level awarded will not be divulged. You may share that upon request. Your client manager will stay in touch during this time, paying you regular visits to make sure your system doesn’t just remain compliant, but that it continually improves. 

CSA STAR Certification brings big benefits to companies of all sizes

Confidence, reputation and more business can come with CSA STAR Certification as more customers ask for proof of these measures. CSA STAR Certification helps:

  • Provide top management with full visibility to evaluate the effectiveness of their management system in relation to expectations of the cloud security industry and ISO/IEC 27001   
  • A tailored audit to be implemented, which will reflect how an organization’s objectives are aimed at optimizing the cloud services   
  • An organization to demonstrate progress and performance levels via an independently validated award from an external certified body   
  • Organizations to benchmark their performance against their peers

Additionally for customers of cloud service providers, CSA STAR Certification will provide a greater understanding of the level of controls that are in place.