The document discusses compliance and certification in the public cloud. It introduces the Cloud Security Alliance's Open Certification Framework, which provides three levels of trust and assurance for cloud consumers. Level 1 is the CSA STAR registry, a public registry of cloud provider self-assessments. Level 2 is CSA STAR Certification, which evaluates a cloud provider's information security management system. Level 3 is CSA STAR Attestation, which is based on the AICPA SOC 2 attestation standard supplemented by the Cloud Controls Matrix. The framework aims to build trust and transparency between cloud providers and consumers.
Handwritten Text Recognition for manuscripts and early printed texts
Compliance in Public Cloud & CSA Framework
1. Compliance in the Public Cloud
and the
Cloud Security Alliance's
Open Certification Framework
Dr David Ross
CISO, Bridge Point Communications
Founding Director, Cloud Security Alliance Australia Chapter
2. • Security issues encountered with cloud services
• Trust Issues
• Governance, Compliance, Control, Assurance and Certification
• Open Certification Framework
– STAR Certification
– STAR Attestation
2
A collaboration of a number of security experts
from the Cloud Security Alliance in Australia