Financial Services Stakeholder Platform Working Group
Download the Financial Services Stakeholder Platform Working Group Charter
Eligible members are:
CSA enterprise customer corporate members operating in the financial institution (FIs) sector
CSA solution provider corporate members (Cloud Service Providers). Additional fees apply, for more info contact: Contact [email protected]
financial services regulators / supervisory authority / central banks (Regulators), and for the CSA Enterprise Customer Members operating in the financial sectors.
Scope and Objectives
CLOUD SECURITY ALLIANCE Financial Services Stakeholder Platform Charter, 2015
The high level goals of the FSSP are to increase the level of assurance and trust in the cloud market,
and to facilitate the adoption of secure cloud service in the financial sector.
The FSSP will have a global geographical scope. It will build on the initial results of the FSWG and on
the recommendations contained in the report “Risks and Opportunities for the Financial Sector in the
Cloud” commissioned to CSA by ENISA. It will seek to define:
Global best practices and de-facto standards in the areas of cloud governance and risk management
Regional (EU, APAC, Americas) and global mechanisms for security and privacy compliance
Global best practices and de-facto standards for incident information sharing
Technical solutions that can improve the security capabilities of the financial sectors
Recommendations addressed to policy makers and regulators
Awareness and educational materials addressed to regulators, financial service risk/security/compliance/audit officers, and cloud service providers
The FSSP will work in close collaboration with relevant CSA Working Groups, including Open Certification Framework (OCF), Cloud Controls Matrix (CCM), Consensus Assessment Initiative (CAI), Privacy Legal Agreement (PLA) and others
Financial Services Stakeholder Platform Working Group Leadership
Financial Services Stakeholder Platform Advisors
Senior Analyst and Researcher at Cloud Security Alliance
Damir Savanovic is a Senior Analyst and Researcher at Cloud Security Alliance. In past Damir worked as Chief Information Security Officer and IT Quality Manager in SKB, Société Générale Group, where he had a key role in planning, organising, managing and controling the functions of information security in the bank. He developed standards, recommendations and guidelines for information security based on ISO 27001 and PCI DSS and before that for quality of IT processes based on COBIT and ITIL frameworks. Before joining Société Générale Group, Damir worked as Information Systems Auditor at Ernst & Young. His field of expertise is information security, cloud computing and assurance. He worked in variety of industries including financial, telecommunications, manufacturing and retail in the Central Eastern Europe. Damir has performed multiple information system audits, security and compliance audits in various banks and financial institutions in the region. With his broad knowledge of information security and understanding of IT and business processes, he is capable of communicating technical topics to business managers. He is very active in the community as board member of CSA Slovenia chapter and ISACA Slovenia chapter. Damir graduated from University of Ljubljana (Slovenia) in Information Technology and holds CCSK, CISM and CISA certifications.
Financial Services Stakeholder Platform Working Group Initiatives
- [x] FSI Survey Report - Q3 2016
- [x] Architecture and Deployment Models - Q4 2016
- [ ] Guidelines for Risk Assessment in the Cloud Q1 2017
- [ ] Security and Privacy Controls for the Cloud in the Financial Sector -Q1 2017
- [ ] Service Level Management - Q1 2017
- [ ] Certification & Assurance - Q1 2017
Please contact Financial Services Stakeholder Platform Working Group Leadership for more information.
Thanks for your interest!
Your request to join Financial Services Stakeholder Platform has been recorded. Someone will be in touch with you soon with more instructions.
Financial Services Stakeholder Platform Working Group Downloads
We circulated the “How Cloud is Being Used in the Financial Sector” survey to IT and security professionals in financial services institutions. The goal was to further the discussion to these topics: Describe your company’s approach to cloud computing. Describe your private cloud policy. What is your corporate risk assessment to cloud computing? What features…
Release Date: March 05, 2015