Certifying to CSA STAR Certification

Show clients that you have addressed specific issues relating to cloud security as an enhancement to your ISO/IEC 27001 certification. CSA STAR Certification can boost customer and stakeholder confidence, enhance your corporate reputation and give your business a competitive advantage.

How to get CSA STAR Certification

We make the certification process straightforward. After we have received your application we appoint a client manager, with the skill set to match your organization, to guide your business through the following steps:

    1. Gap analysis 
      This is an optional pre-assessment service where we take a closer look at your existing system and compare it with the CSA STAR Certification requirements. This helps identify areas that need more work before we carry out a formal assessment, saving you time and money.
    1. Formal assessment 
      BSI will assess your cloud controls in a formal assessment usually as part of your ISO/IEC 27001 assessment. At this stage you will be awarded a Gold, Silver or Bronze rating depending on the level of maturity of your system. 
  1. Certification and beyond 
    When you have passed the formal assessment you will receive a STAR certificate, which is valid for three years. And your company will also appear on the STAR registry held by the CSA although for confidentiality purposes the level awarded will not be divulged. You may share that upon request. Your client manager will stay in touch during this time, paying you regular visits to make sure your system doesn’t just remain compliant, but that it continually improves.
Find out more about our certification services >

What are the benefits of CSA STAR Certification?

CSA STAR Certification brings big benefits to all companies of all sizes. Confidence, reputation and new business can come with CSA STAR Certification as more customers ask for proof of these measures. Plus it can help you as a cloud service provider:

  • Provide top management with visibility, so that they can evaluate the effectiveness of their management system in relation to expectations of the cloud security industry and ISO/IEC 27001
  • Implement an audit that is designed to reflect how your organization’s objectives are aimed at optimizing the cloud services
  • Demonstrate progress and performance levels via an independently validated award from an external certified body
  • Benchmark your performance against your peers

Additionally for customers of cloud service providers, CSA STAR Certification will provide a greater understanding of the level of controls that are in place.

See all features and benefits in our CSA STAR Certification product flyer

Client Case Study - Exponential-e

Exponential-e is a leading London based cloud and networking company, providing innovative technology services. To help reassure clients and ensure the highest levels of service, Exponential-e has gained certification to multiple international standards including ISO 9001 (Quality Management), ISO/IEC 27001 (Information Security Management), ISO/IEC 20000 (IT Service Management), ISO 22301 (Business Continuity Management), and CSA STAR for cloud security. Being an early adopter of CSA STAR, Exponential have a real competitive differentiator, helping to break down misconceptions on cloud security and reassure clients that their information is protected. 

Read the full case study (pdf) >

Why choose BSI?

We pioneered standards more than 100 years ago and today we’re the market leader. We help over 80,000 clients ranging from top global brands to small ambitious businesses in 182 countries worldwide to gain an edge over their competition. As one of the few organizations that understands standards from start to finish, we don’t only assess how well you’re meeting them, we create new standards from scratch and train teams globally to use them and perform better. Our knowledge can transform your organization.