Announcing the partnership, the CSA Managing Director EMEA, Daniele Catteddu said the flexible three-stage scheme would be created in line with the CSA’s industry-leading security guidance and control objectives and would support an independent third-party assessment, as well as attestation statements developed within the public accounting community.
“The rise of cloud as a global compute utility creates a mandate to better harmonise compliance concerns. We share with BSI a commitment to improve transparency in the cloud ecosystem and create a market of trusted cloud services.”
According to Catteddu, BSI is one of the most relevant players in the area of information security standards, certification and assessment, and the ideal partner for CSA in the development of the OCF. “Consumers and providers alike will benefit from the knowledge that their CSA-backed compliance activities will be broadly applicable within global regulatory regimes.”
“By adopting the Open Certification Framework, cloud service providers will benefit from reducing their risks, improving the incident recovery time and demonstrating good information governance,” Brown emphasised.
Brown said the Open Certification Framework was structured in three levels, each one of them providing an incremental level of trust and transparency to the operations of cloud service providers and a higher level of assurance to the cloud consumer.
“By partnering with the CSA, we are able to combine our expertise to develop a comprehensive Framework against which cloud providers can be independently benchmarked and which encourages continual improvement to ensure customers receive the best service possible.”