Bonus $100
Promo Codes 2024
Users' Choice
90
89
88
85

CSA opens multi-level certification framework for cloud providers

21 Aug 2012
00:00
Read More

The Cloud Security Alliance partnered with British Standards Institution to develop a three-level open certification framework for cloud service providers.

This CSA-BSI partnership aims to ensure the Open Certification Framework is in line with international standards and is based upon a comprehensive certification process.

Formed in 1901, BSI was the world's first national standards body and a founding member of the International Organization for Standardization (ISO).

As an industry initiative, the CSA Open Certification was developed along CSA's security guidance and control objectives to offer cloud providers a trusted global certification scheme. The program will support an independent third-party assessment and attestation statements developed within the public accounting community.

3-level framework

Structured in three levels, each level of the Open Certification Framework will provide an incremental level of trust and transparency to the operations of cloud service providers, and a higher level of assurance to the cloud consumer.

1. Self Assessment -- At this first level, CSA STAR Cloud providers can submit reports to the CSA STAR Registry https://cloudsecurityalliance.org/star/ to indicate their compliance with CSA best practices. This is currently available.

2. Third-party independent assessment -- At this second level, CSA STAR certification will combine with requirements of the ISO/IEC 27001:2005 management systems standard with that of the CSA Cloud Controls Matrix (CCM). These assessments will be conducted by approved certification bodies only. This is scheduled to release in the first half of 2013.

3. Continuous monitoring-based certification -- Currently under development, this will further enhance the STAR Certification.

.

Related content

Rating: 5