Cloud 101CircleEventsBlog
CSA's Continuous Audit Metrics Working Group is expanding! Help shape the future of cloud assurance.

STAR Registry Listing for


Founded in 2013 by the Cloud Security Alliance, the Security Trust Assurance and Risk (STAR) registry encompasses key principles of transparency, rigorous auditing, and cloud security and privacy best practices.


Shareholding Disclosure

FundApps Shareholding Disclosure service helps compliance professionals with shareholding disclosure requirements, prove adherence to regulation and mitigate reputational risk to avoid fines.
FundApps’ outsourced, managed service combines a rules engine with a team of compliance professionals and legal information from aosphere (an affiliate of Allen & Overy) and other regulatory data sources.
FundApps automates disclosure requirements such as major shareholding, 13F reporting, short selling (including EU Short Selling Rules, takeover panels, issuer limits, and issuer requests (such as Section 793).

Position Limits

FundApps' Position Limits is a managed service for financial institutions, who trade derivative contracts on multiple exchanges. It combines a rules engine with a dedicated team of compliance professionals and up to date contract limits and exchange data. It helps compliance managers monitor holdings against position limits for exchange-traded contracts resulting from MiFID II regulation, as well as limits imposed by regulatory bodies such as the United States’ Community Futures Trading Commission (CFTC).

Sensitive Industries

The first managed service for sensitive industries

  • Avoid regulatory fines & reputational damage
  • Decommission error-prone internal systems
  • Cut dependency & cost of external counsel
  • Get rid of inadequate third party solutions
  • Retire confusing reports - everything in one place
Information about FundApps
Listed Since: 05/24/2021
Last Updated: 02/06/2024

STAR Level 1

Self-Assessment & Partner-Provided

Consensus Assessments Initiative Questionnaire v4.0.2

CAIQ 4.0.2 Self-assessment
Offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services. It provides a set of Yes/No questions a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the CSA Cloud Controls Matrix (CCM).