CSA STAR

CSA STAR

  • CSA STAR Framework: CSA STAR stands for Security, Trust, Assurance, and Risk, and is designed specifically for cloud providers to ensure a secure cloud computing environment.

  • Cloud Controls Matrix (CCM): The CCM is a cybersecurity control framework for cloud computing, consisting of 197 control objectives across 17 domains.

  • Levels of Assurance: There are two levels of assurance for CSA STAR compliance:

    • Level 1: Self-assessment using the Consensus Assessment Initiative Questionnaire (CAIQ).

    • Level 2: Third-party assessment, which includes STAR attestation for SOC 2 and STAR certification for ISO/IEC 27001.

PreviousFedRAMPNextSOX

Last updated