Advanced Auditing for CSA Star Certification
In conjunction with the CSA, BSI has developed the CSA STAR Certification scheme to
measure the robustness and performance of cloud security. It gives cloud service
providers the ability to prove that their registration to the Cloud Security
Alliance's (CSA's) Security, Trust and Assurance Registry (STAR) has been
independently assessed against the new CSA STAR certification maturity model.
Led by an experienced tutor, this advanced course commences with the 1 day
“Auditing Cloud Security for CSA STAR Certification” programme before
concentrating on how a CSA STAR rating is determined using a detailed case study
on day 2.
By attending this course delegates will learn how to effectively prepare a cloud service
provider for a CSA STAR audit and have sufficient knowledge and skills to conduct 1st
and 2nd party audits.
Upon completion of this training, students will be able to:
- Define the criteria for STAR certification
- Describe the CCM and how it relates to ISO/IEC 27001
- Define the specific control areas of the CCM and differentiate between them
- Explain what maturity is and how the STAR certification maturity model works
- Describe what maturity is and how the STAR certification maturity model works
- Demonstrate how to apply the maturity model when auditing a provider's security controls
- Apply the maturity model when auditing a provider's security controls
- Calculate a maturity score for each CCM control area
- Derive a provider's maturity level from the maturity scores
- Demonstrate how to recommend STAR certification
ISO/IEC 27001 qualified auditors or those with equivalent knowledge and experience.
Suggested job roles include:
- Network security managers
- Information security consultants
- Cyber Security principals
- IT Risk and Security managers
ISO/IEC 27001 audit qualification or equivalent experience.
To successfully complete this course an examination must be passed.