Cloud Security Alliance
The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.
The Cloud Security Alliance - CSA launched the OCF (Open Certification Framework) initiative in May 2012 with the aim of providing Cloud users with simple and standard ways to evaluate cloud provider resilience, data protection capabilities and service portability. The OCF is based on a 3 levels structure: level 1 is a self assessment based certification, level 2 is a certification based on a third party assessment that builds on ISO 27001 and it is integrated by the a set of cloud specific controls derived from Cloud Security Alliance Cloud Controls Matrix. Level 3 is a certification based on continuous monitoring based evidences (based on Cloud Security Alliance GRC Stack). Cloud Security Alliance has established a partnership with the British Standard Institution (BSI) for the development of OCF Level 2; this certification is called STAR Certification