Register

What is the Cloud Security Alliance and the STAR program?

The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to “promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing.”


The CSA’s mission is to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The CSA is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.


The CSA Cloud Controls Matrix (CCM) is a tool that provides a set of security controls and activities to help cloud computing service providers and their customers understand the security requirements and controls, and their relationships to each other. The Cloud Security Alliance have developed a self-assessment tool which is called the Consensus Assessments Initiative Questionnaire (CAIQ). The CAIQ can be used to conduct a self-assessment against the CCM. The CAIQ will generate a report which is a detailed description of the cloud vendor’s security controls and how these controls are applied.

FAQ

Who can use the Cloud Control Matrix?

The CCM can be used by cloud vendors and cloud customers.

Cloud vendors can use the CCM as a framework for building their own security control framework and it can be used as a starting point for their own security risk assessments.

A cloud vendor can demonstrate their maturity and ability to apply the CCM by self-assessing their security controls against the CCM and then providing this self-assessment to their customers.

Download additional compliance reports from the Exoscale compliance center.

Exoscale

Contact our Compliance Team

A doubt? Unsure if we comply to a specific regulation not listed here?

Contact our Compliance Team and let us know your requirements. It may be covered by other certifications or regulations we comply to.