Cloud Security Alliance Announces Open Certification Framework

By

The Cloud Security Alliance (CSA) announces the CSA Open Certification Framework – an industry initiative to allow global, trusted certification of cloud providers.

According to an announcement by the Cloud Security Alliance, the CSA Open Certification Framework is a program for flexible, incremental, and multi-layered cloud provider certification according to the Cloud Security Alliance’s industry leading security guidance and control objectives. The program will support popular third-party assessment and attestation statements developed within the public accounting community.

The CSA Open Certification Framework is based upon the control objectives and continuous monitoring structure as defined within the CSA GRC (Governance, Risk and Compliance) Stack research projects. The CSA Open Certification Framework will provide explicit guidance for providers to use GRC Stack tools for multiple certification efforts. For example, scoping documentation will articulate how a particular provider may follow an ISO/IEC 27001 certification path that incorporates the CSA Cloud Controls Matrix. CSA supports certify-once, use-often, where possible.

Initial partners for the CSA Open Certification Framework will be announced September 25 at CSA Congress Europe, and a detailed timeline will provided then as well. For more information, click here.

05/17/2012

Related content

comments powered by Disqus