CSA STAR (Security, Trust and Assurance Registry) Certification
The CSA STAR Certification is a thorough assessment of the security of a cloud service provider by a third party. The technology-neutral certification leverages the requirements of the ISO 27001 management system standard together with the CSA Cloud Controls Matrix (a specified set of criteria that measures the capability levels of the cloud service). Organizations that outsource cloud service providers, have a number of concerns about the security of their data and information. By achieving the STAR Certification, cloud providers of every size will be able to create confidence on their levels of security controls.
The STAR Certification is based upon achieving ISO 27001 and the specified set of criteria outlined in the Cloud Controls Matrix. An accredited independent CSA certification body assigns a ‘Management Capability’ score to each of the CCM security domains. Each domain is scored on a specific maturity and measured against five management principles. The internal report shows organizations how mature their processes are and what areas they need to improve on to reach an optimum level of maturity. These levels are designated as either “No”, “Bronze”, “Silver” or “Gold” awards. Certified organizations are listed on the CSA STAR Registry as “STAR Certified”.
Evaluates the efficiency of an organization’s ISMS and ensures the scope, processes and objectives are “Fit for Purpose”
Helps organizations to prioritize areas for improvement and lead them towards business excellence.
Enables effective comparison across other organizations in the applicable sector.
Users of cloud services
Cloud service providers
IT auditors and certification bodies
Security solution providers and consultants.