The Inner Circle

Expand all | Collapse all

Submit to the STAR Registry

  • 1.  Submit to the STAR Registry

    Posted 12 days ago
    STAR is the industry's most powerful program for security assurance in the cloud. It is a publicly accessible registry of cloud service providers that encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in the CCM. Publish to the registry to:
    - Demonstrate to customers your security and compliance posture
    - Alleviate the need for multiple customer questionnaires

    Learn more and submit to the STAR registry here: https://csaurl.org/9e36gp

    #CloudSecurity #securityassessment #securitycompliance

    ​​​​

    ------------------------------
    Orbert .
    ------------------------------


  • 2.  RE: Submit to the STAR Registry

    Posted 11 days ago
    Absolutely agree!

    If a potential vendor does not have a listing on STAR, I ask why not?

    Sai Honig, CISSP, CCSP

    Sent from my iPad




  • 3.  RE: Submit to the STAR Registry

    Posted 10 days ago
    CSA STAR a single source of truth (SSOT).




    ------------------------------
    John B. Oseh
    Information Security Consultant
    Handelsbanken
    ------------------------------



  • 4.  RE: Submit to the STAR Registry

    Posted 10 days ago
    As I review vendors for my company, a record in STAR is very important to me as it allows me to understand the security posture of the vendor in a way that indicates their security practices as well as their approach to security. The cross-reference to other standards, such as ISO27001 and SOC2 is very valuable.

    ------------------------------
    Michalis Kamprianis
    Director Cyber Security
    Hexagon Manufacturing Intelligence
    ------------------------------



  • 5.  RE: Submit to the STAR Registry

    Posted 10 days ago

    Hi Sai,

    I would encourage you to ask the potential vendor if they have filled out the Consensus Assessment Initiative Questionnaire (CAIQ). There are many vendors who have actually filled this out but may not have listed it on the registry yet. In the event that the vendor has not completed the CAIQ or you don't see them listed on the registry, you can submit a request to have them verified. Download this letter template and send it to your CSP or security provider.

    Let me know if you have any more questions.

    Best,

    Courtney



    ------------------------------
    Courtney Keogh
    Membership Manager
    CSA
    ------------------------------



  • 6.  RE: Submit to the STAR Registry

    Posted 8 days ago
    Oh I ask about the CAIQ! However, I get a lot of blank stares back.

    Sai Honig

    Sent from my iPad




  • 7.  RE: Submit to the STAR Registry

    Posted 4 days ago
      |   view attached
    In that case, knowledge is power! The attached letter is a great way to orient your potential service provider to the STAR program.

    ------------------------------
    Courtney Keogh
    Membership Manager
    CSA
    ------------------------------

    Attachment(s)