Lack of security control transparency is a leading inhibitor to the adoption of cloud services.
As part of your organisations Information Assurance program, we recommend that you request all of your Cloud Service Providers to complete the Cloud Security Alliance (CSA) CONSENSUS ASSESSMENTS INITIATIVE QUESTIONNAIRE (CAIQ).
This will enable you to have greater confidence that your information is being appropriately protected, and that processes are in place for appropriate action to be taken where any areas of concern emerge.
You can assess your suppliers maturity of policies, systems and controls that are in place related to services you provide.
The questionnaire is available here or www.cloudsecurityalliance.org and can then be submitted through the submission portal.
The question set was developed by CSA in partnership with industry groups to provide an agreed question set that can be used across the supply chain and is focused on providing industry-accepted ways to document what security controls exist in IaaS, PaaS, and SaaS offerings, providing greater security control transparency.
The CAIQ is based upon the CSA Cloud Control Matrix (CCM) and provides a set of Yes/No questions to ascertain a CSP’s compliance with the Cloud Controls Matrix.
Participation will allow your suppliers to self-assess how securely they handle information on you and on behalf of your users, subscribers & clients.
Completion of the questionnaire is of mutual benefit to you and your suppliers.
Once your suppliers have completed the CAIQ self-assessment and submitted to CSA, their submission will be available on the CSA STAR Registry where their responses will be publicly available.
If they have any issues completing the CAIQ self-assessment, they can contact CSA at info@cloudsecurityalliance.org
The CSA’s free CyberSecurity self-assessment process is a win-win!
It helps both you and your Cloud Suppliers reduce the risk of data breaches & other CyberSecurity incidents as well as helping you both differentiate & promote to your industry, clients and the general public your dedication to safeguarding their personal data.
Benefits upon Completion of the Self-Assessment
Upon completion of the CSA CyberSecurity self-assessment you and your Cloud Suppliers will likely be more cybersecure, & will be permitted to display the following logo on its marketing, webpage, letterhead, etc.
In addition, you and your Cloud Suppliers may also decide to complete the CSA GDPR Code of Conduct Self-Assessment which will improve you and your Cloud Suppliers ability to comply with the GDPR, as well as permitting the display of the following logo on your marketing, webpage, letterhead, etc.
Social Sharing Image: This is the CSA credential badge that can be displayed after the self-assessment has been registered on the public register with the Cloud Security Alliance.
Enter the code WHen you pay full price to Purchase one of the following Self Service documents:
Re-Enter the code at checkout each time you buy the following documents to get a discount:
Click here to download ...
Subscribe for FREE access to our growing list of [350+] personal and/or business legal documents.
View PricingClose