Working Group

Requirements for Bodies Providing STAR Certification

This document outlines how to conduct a STAR certification assessments to the Cloud Controls Matrix (CCM) as part of an ISO 27001 assessment.

Guidelines for CPAs Providing CSA STAR Attestation v2

This document provides guidance for CPAs in conducting a STAR Attestation. It includes relevant information including: professional requireme...

Open Certification Framework Working Group Charter

The CSA Open Certification Framework (OCF) is an industry initiative to allow global, trusted independent evaluation of cloud providers. It i...

STAR Continuous Increasing Trust and Integrity Brochure

STAR Continuous Technical Guidance

STAR Continuous specifies the necessary activities and conditions for the continuous auditing of the cloud service over a defined set of secu...

Streamlining Vendor IT Security and Risk Assessments

A perspective on standards-based assurance of Cloud Providers.

CSA STAR Program & Open Certification Framework in 2016 and Beyond

The Cloud Security Alliance (CSA) Security, Trust and Assurance Registry (STAR) program is the industry’s leading trust mark for cloud securi...

STAR Overview PDF

The CSA STAR Program is a publicly accessible registry designed to recognize the varying assurance requirements and maturity levels of provid...

STAR Certification Guidance Document: Auditing the Cloud Controls Matrix (CCM)

There are a number of control areas on the CCM that will each be awarded a management capability score on a scale of 1-15. This 2nd version r...

Publicizing Your STAR Certification

The following guidelines will help you to apply good practice in publicizing, communicating and promoting your certification to stakeholders,...

OCF Vision Statement

The CSA Open Certification Framework is a program for flexible, incremental and multi-layered cloud provider certification according to the C...