CSA STAR Attestation—CSA STAR Attestation is an auditing procedure to report on the examination of the implementation of trust service principles (TSP) and cloud-specific control objectives (CCM). CSA STAR Attestation can be considered as a SOC 2 Type 2 attestation augmented by CCM requirements. It was created thanks to a collaboration between CSA and the American Institute of CPAs (AICPA) to provide guidelines for CPAs to conduct SOC 2 engagements using criteria from the AICPA (Trust Service Principles, AT 101) and the CSA Cloud Controls Matrix. CCAK Guide - Page: 372
To qualify for CSA STAR attestation for a particular cloud system, the SOC 2 report must cover Cloud Control Matrix (CCM) and ISO/IEC 27001:2013 controls. The Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) is a publicly accessible registry that documents the security controls provided by various cloud computing offerings. The CSA STAR attestation is a rigorous third-party independent assessment of cloud providers that is based on the Cloud Controls Matrix (CCM) and the ISO/IEC 27001:2013 standard. The CCM is a cybersecurity control framework for cloud computing that is considered the de-facto standard for cloud security and privacy. ISO/IEC 27001:2013 is an international standard that provides a framework for information security management systems (ISMS).
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
SafiT
1 day, 7 hours agosai_murthy
9 months, 1 week agovsgsds
9 months, 3 weeks agoats20
10 months, 4 weeks ago