Browse Resources
 | Release Date: 10/26/2021 This localized version of this publication was produced from the original source material (CCM, CAIQ) through the efforts of local organizations and the C... Request to download |
 | CCM v4 - Hungarian Translation Release Date: 10/19/2021 This localized version of this publication was produced from the original source material through the efforts of chapters and volunteers but the translate... Request to download |
 | Code of Practice for Implementing STAR Level 2 Release Date: 06/23/2021 This Code of Practice shows how you can apply the CCM control set in your organization to reach STAR Level 2 third party certification/attestation and als... Request to download |
 | STAR Level 1: Security Questionnaire (CAIQ v4) Release Date: 06/07/2021 The STAR Level 1: Security Questionnaire (CAIQ v4) offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services,... Request to download |
 | STAR Enabled Solution | CSA - OneTrust VRM Tool Release Date: 05/05/2021 The CSA-OneTrust Vendor Risk Management (VRM) tool automates the entire vendor management lifecycle, including onboarding and offboarding vendors, triaging v... Request to download |
 | CSA STAR Level 3 Focus Group Charter Release Date: 04/02/2021 The CSA STAR Level 3 Focus Group will advise on the scope, objectives, structure, go-to-market (GTM) strategy and value proposition for STAR Level 3... Request to download |
 | CSA STAR Certification Intake Form Release Date: 01/01/2021 The CSA STAR Certification is a rigorous third party independent assessment of the security of a cloud service provider. The technology-neutral certification... Request to download |
 | Value of STAR Level 1 for Cloud Customers - Letter Template Release Date: 04/16/2020 Use this letter template to help explain why your organization decided to use STAR Level 1 to minimize multiple customer questionnaires and increase trans... Request to download |
| PLA Code of Conduct (CoC): Statement of Adherence Self-Assessment Release Date: 11/19/2019 CSA PLA Code of Conduct for GDPR Compliance provides a consistent and comprehensive framework for complying with the EU’s GDPR. The CSA PLA Code of Conduct f... Request to download |
| Guidance for submitting the CSA Code of Conduct (CoC) for GDPR Compliance Self-Assessment Release Date: 11/19/2019 The CSA CoC for GDPR Compliance Self-Assessment is the voluntary publication of a CSP’s self-assessment results based on the requirements specified in the PL... Request to download |
 | Release Date: 08/03/2019 The CCM, the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations... Request to download |
 | CCM and CAIQ v3 (Japanese Translations) Release Date: 07/10/2019 This localized version of this publication was produced from the original source material (CCM, CAIQ) through the efforts of chapters and volunteers but t... Request to download |
| STAR Provider Verification Template Release Date: 07/16/2018 If you don’t already see your provider listed on the STAR registry submit a request to have them verified. Download this letter template and send it to your ... Request to download |
 | Release Date: 04/20/2015 The CSA STAR Program is a publicly accessible registry designed to recognize the varying assurance requirements and maturity levels of providers and consumer... Request to download |
| Publicizing Your STAR Certification Release Date: 09/03/2013 The following guidelines will help you to apply good practice in publicizing, communicating and promoting your certification to stakeholders, including staff... Request to download |