In the last 24 months, the Cloud Security Alliance (CSA)has made great strides in enhancing theirCSA Security, Trust and Assurance Registry (STAR) Program. In brief, the STAR Program is a publicly available registry designed to recognize assurance requirements and maturity levels of cloud service providers (CSPs). Prior to issuing the guidance for STAR Certification and STAR Attestation, a CSP could only perform a self-assessment, which meant completing the Consensus Assessments Initiative questionnaire (CAIQ) and making the responses publicly available on the CSA Register. The CAIQ was completed in several different ways and the content varied from short answers to full-page responses. It was relevant information but not independently validated. This created a path for the STAR Certification and STAR Attestation Programs.
Join Schellman during a complimentary webinar titled “CSA STAR Program: Attestation and Certification”. The webinar will be held on May 13th from 12:00pm EST to 1:00pm EST and will provide one (1) hour of CPE. Debbie Zaller, Schellman Principal, and Ryan Mackie, Practice Leader, STAR Program, will provide an in-depth discussion on the opportunities to undergo third party assessments, through the CSA STAR Programs, to validate maturity level or control activities.
Organizations, specifically cloud service providers, are continuously working to provide confidence to their customers regarding the security and operating effectiveness of their controls supporting the cloud and the STAR Certification and STAR Attestation options provided by the CSA allow for these organizations to further establish confidence in the market,” said Ryan Mackie. “This webinar is a practical introduction to the STAR Level 2 offerings, outlining their benefits, requirements, and process, and how these types of third party validation can clearly compliment a cloud provider’s governance and risk management system.”
This informative webinar will provide:
- An overview and journey of the CSA STAR Programs
- A definition of the CCM framework
- An overview of the Certification and Attestation purpose and scope
- The process and preparations
- A discussion of the common challenges and benefits
ABOUT THE SPEAKERS
Debbie Zaller leads Schellman’s CSA STAR Attestation and SOC 2 services practice where she is responsible for internal training, methodology creation, and quality reporting. Debbie has performed over 150 SOC 2 assessments and Debbie also holds a Certificate of Cloud Security Knowledge (CCSK).
Ryan Mackie leads Schellman’s CSA STAR Certification and ISO 27001 certification services practice where he is an integral part of the methodology creation and the planning and execution of assessments. Ryan has performed over 100 ISO 27001 assessments and is a certified ISO 27001 Lead Auditor trainer.
Avani Desai, Executive Vice President, Schellman
[Cloud Security Alliance Blog]