CSA STAR Certification is a unique new scheme developed to address specific issues relating to cloud security as an enhancement to ISO/IEC 27001. Whilst ISO/IEC 27001 standard is widely recognized and respected, its requirements are more generic and therefore there can be a perception that it does not focus on certain areas of security that are critical to particular sectors such as the cloud computing sector. We can help with CSA STAR Certification.
To respond to growing business concerns the Cloud Security Alliance (CSA), a not for profit organization with a mission to promote best practice in cloud computing, created the Cloud Control Matrix (CCM). Developed in conjunction with an industry working group, it specifies common controls which are relevant for cloud security.
In partnership with CSA, BSI has developed CSA STAR Certification based on the matrix, which certifies a client against the controls. It awards a Gold, Silver or Bronze rating depending on how well the system has been embedded within the organization.
This new scheme will assist in the adoption of cloud services by business. It will promote greater transparency and allow Cloud Service Providers (CSPs) to give their stakeholders confidence that they have the necessary controls in place to secure the data they hold.