Cloud Security Alliance Attestation Services and Consulting

The Cloud Security Alliance (CSA) is a nonprofit organization that is dedicated to defining best practices to help ensure a more secure cloud computing environment. In 2013, the CSA and the British Standards Institution launched the Security, Trust & Assurance Registry (STAR), a free, publicly accessible registry in which CSPs can publish their CSA-related assessments.

CSA STAR is based on two key components of the CSA GRC Stack:

Cloud Controls Matrix (CCM): a controls framework covering fundamental security principles across 16 domains to help cloud customers assess the overall security risk of a CSP.
The Consensus Assessments Initiative Questionnaire (CAIQ): a set of more than 140 questions based on the CCM that a customer or cloud auditor may want to ask of CSPs to assess their compliance with CSA best practices.

Our Cloud Security Alliance (CSA) Services

Riskpro provides support in both types of STAR certification and attestation.

CSA Star Certification

The CSA STAR Certification is a third party assessment of the security of a cloud service provider (CSP) that leverages the requirements of the ISO/IEC 27001:2013 (ISO 27001) management system standard together with the CSA Cloud Controls Matrix (CCM).

CSA Star Attestation

The CSA STAR Attestation is a third party independent assessment of the security of a CSP. CSA STAR Attestation is a collaboration between the CSA and the American Institute of CPAs (AICPA) to provide guidance for CPA firms (or service auditors) to conduct STAR Attestations using criteria from the AICPA Trust Services Principles (TSP) and the Cloud Control Matrix (CCM). This assessment utilizes the SOC 2 framework to report on the suitability of the design and operating effectiveness of a CSP’s controls relevant to Security, Availability, Confidentiality, and the effectiveness of these controls.

CSA audits can be combined with SOC2 frameworks to issue SOC2+ audit reports.

Riskpro has conducted more than 30 SOC 2 and SSAE audits.

Contact

For more information, please contact manoj.jain@riskpro.in

More Info: 
Manoj Jain: 9833767114, manoj.jain@riskpro.in
Tags: 
Tags: 

Other Services of Interest

  • Cloud Security - Knowledge Snippets

    Riskpro presents a series of 5 articles / newsletters on cloud security. Cloud computing is attractive because it offers agility, resiliency and economy to organisations which adopt it. What is less...
  • Corporate Training Ideas - Risk Management and Compliance

    The following training options are appropriate for Banks, NBFC and small banks. • Basic fundamentals of Risk Management (half day) o Including Fraud, Reputational Risk issues also apart from...
  • Third Party Risk Management (TPRM) - Webinar

    EVENT OVERVIEW: TPRM or Third Party Risk Management is not a new concept, but something that needs to be addressed today. With Cybersecurity, Privacy issues emerging every day, often we find that...
  • Global Compliances - Free Webinar on key Global Regulations

    EVENT OVERVIEW: Riskpro India is conducting a free webinar on how to be future ready with respect to Global Compliances. Alleviate risk and strengthen your control on global compliance with this...
  • Sarbanes Oxley (SOX) Compliance - Free Webinar

    EVENT OVERVIEW: Riskpro India is conducting a free webinar on SOX (Sarbanes Oxley) Compliance which will take you through the applicability and requirements of the SOX 404 and 302 Act. The...
  • Internal Audit and IT Audit on Temporary Basis

    Due to the importance of regulatory compliances, it has become essential that companies are able to audit the business operations effectively. To meet this growing demand, Riskpro India offers...
  • India: Data Protection Services

    The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. Now India has its own version of Data protection regulation that will change...
  • Fire Safety Assessments and Training

    Some of our features of Fire Safety Assessments and Training • Fire Science • The common causes of fire • Identify fire hazards • Types of fires and extinguishers • Fire...
  • Go to top