CSA Security Update
CSA STAR is the industry's most powerful program for security assurance in the cloud.The Security Trust Assurance and Risk (STAR) Program encompasses key principles of transparency, rigorous auditing, and harmonization of standards. Companies who use STAR indicate best practices and validate the security posture of their cloud offerings.This podcast series explores CSA STAR as well as CSA best practices and research along with associated technologies and tools.
CSA Security Update
CSA STAR + SOC2 - From Readiness to Attestation
As organizations look to cloud services to process more sensitive and critical data, security and risk management teams require tools to quickly assess and understand the types and rigor of security controls applied by cloud service providers. CSA STAR Attestation is the first cloud-specific attestation program designed to meet this need. CSA STAR Attestation is a collaboration between CSA and the AICPA to provide guidelines for CPAs to conduct SOC 2 engagements using criteria from the AICPA (Trust Service Principles, AT 101) and the CSA Cloud Controls Matrix.
1. What is CSA STAR & SOC2? What is CSA STAR & SOC2?
2. What are the prevalent business drivers which lead to the necessity of obtaining a CSA STAR & SOC2 attestation?
3. Why should my business plan for a CSA STAR & SOC2 rather than react to the demand for the attestation?
Join us as we interview Audrey Katcher; partner of RubinBrown’s Business Advisory Services Group, overseeing the group’s Information Technology Risk Services. She also serves as the Open Certification Framework Working group liaison for AICPA and made a significant contribution to the STAR Attestation guidelines.
Listen as Audrey answers these questions and more regarding STAR Attestation and the assessment process.
https://cloudsecurityalliance.org/star/