CSA Cloud STAR Certification

Cloud Bytes

CSA STAR Certification: Increasing Transparency and Trust in the Cloud

Cloud Service Providers (CSP’s) have unique information risks while end users are concerned with the security of their information and whether they can trust CSP’s. The CSA STAR Certification is a rigorous third party independent assessment of the security of a CSP. The technology-neutral certification leverages the requirements of the ISO/IEC 27001:2005 management system standard together with the additional controls in CSA Cloud Controls Matrix, a specified set of criteria that measures the capability levels of the cloud service.

Details discussed will include specifics on the following:

  • Integrating the ISO 27001 certification with a proven benchmark process analysis and evaluation system to provide a transparent and consistent monitoring process.
  • How the CSA STAR Certification can assist in helping organizations meet G-Cloud requirements
  • Level 3 under development based on a continuous auditing/assessment of relevant security properties.
  • Explaining the new international standards and initiatives currently under development which will take aim at cloud services, privacy, and vendor management

Download translations of this presentation:

About the Speaker

John DiMaria, Open Certification Framework Co-chair and CloudTrust Protocol Co-Chair
John DiMaria is the ISO Product Manager for BSI Group America Inc and Co-Chair of the CSA OCF and CTP Working Groups He has 28 years of successful experience in Management System Development, including Information Systems, and Quality Assurance. John is responsible for overseeing, product roll-out, and client/sales education. He is a product spokesperson for BSI Group America, Inc. regarding all product standards covering Risk, Quality, Sustainability and Regulatory Compliance.

John has been featured in many publications concerning various topics regarding information security, sustainability and business continuity such as Computer World, Quality Magazine, Continuity Insights, ABA Banking Journal, CPM Magazine, and Disaster Recovery Journal, contributor to the American Bar Association Cybersecurity Guidebook and featured on the cover of PENTEST Magazine.