The Challenge
As a growing majority of companies now rely on 3rd party cloud based environments for business services, there is a demand for those organisations to prove their security credentials.
The Cloud Security Alliance (CSA) operate the Security, Trust, Assurance, and Risk (STAR) Registry which is a publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings. STAR encompasses the key principles of transparency, rigorous auditing, and harmonisation of standards outlined in the Cloud Controls Matrix (CCM).
Navigating through the CSA Cloud Controls Matrix (CCM) can be onerous as the current checklist includes 261 questions across all relevant aspects of a cloud computing provider’s security.
The Service
BH Consulting provide CSA Cloud Controls Matrix Readiness Assessments and Alignment Services
As well as assistance to align with the security controls in the Cloud Controls Matrix, services also include:
BH Consulting help cloud providers to understand and meet the requirements of the Cloud Controls Matrix (CCM) and then assist them to complete the Consensus Assessments Initiative Questionnaire (CAIQ) to document compliance with the CCM.
This information then becomes publicly available, promoting industry transparency and providing customer visibility into specific provider security practices. STAR Self-Assessments are updated annually.
The Benefits
