A Cloud Security Alliance (CSA) Security, Trust, Assurance and Risk (STAR) certification audit from SGS will help you to ensure that your organization adopts cloud services by promoting greater transparency and shared responsibility.
If your organization provides or uses cloud services, you need to learn about the CSA STAR. The standard should be alongside an ISO/IEC 27001-compliant information security management system (ISMS).
CSA STAR certification involves a rigorous, independent third-party assessment of the security posture. CSPs and customers can demonstrate adherence to this well-established, globally recognized security control specific to cloud services. It is based on achieving ISO/IEC 27001 certification and criteria specified in the Cloud Controls Matrix (CCM).
Certification also demonstrates that applicable cloud security issues have been assessed against the STAR Capability Maturity Model for managing activities in CCM control areas.
Together with an existing ISO/IEC 27001 certificate, CSA STAR certification provides evidence of an actively managed cloud security program.
The long-term benefits of CSA STAR certification include:
- Industry-recognized, third-party certification based on the CSA requirements catalog
- Create more confidence, reputation and business as customers ask for proof of cloud security measures
- Provide top management with visibility to evaluate their management system relating to cloud security industry expectations and ISO/IEC 27001
- Showcase how your organization aims to optimize cloud services
- Demonstrate progress and performance through an independently validated award from an external certified body
- Benchmark performance against your peers
How can SGS help?
With years of worldwide experience in information security, we can help you along the path to certification with a CSA STAR audit. Your audit can include a gap assessment and benchmarking. We will determine your level of information security competence and provide advice on how to achieve ongoing improvement.